<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta><title>test</title><style type="text/css" media="all">
                @import url("https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800")
                </style><style type="text/css" media="all">
                    html, body, div, span, applet, object, iframe, h1, h2, h4, h5, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video {
                        margin: 0;
                        padding: 0;
                        border: 0;
                        font-size: 100%;
                        font: inherit;
                        vertical-align: baseline;
                        -webkit-text-size-adjust: none;
                    }

                    h3, h6 {
                        font-weight: 300 !important;
                    }

                    html, body {
                        font-family: 'Open Sans', 'Helvetica Neue', 'Segoe UI', helvetica, arial, sans-serif;
                        width: 100%;
                        color: #333;
                        font-size: 13px;
                        background: #efefef;
                    }

                    a, a:visited, a:active {
                        color: #67ACE1;
                        text-decoration: none;
                    }

                    a:hover {
                        color: #67ACE1;
                        text-decoration: underline;
                    }

                    .clear {
                        clear: both;
                        width: 0 !important;
                        height: 0 !important;
                        margin: 0 !important;
                        padding: 0 !important;
                    }

                    table {
                        table-layout: fixed;
                        width: 100%;
                        border-collapse: collapse;
                        border-spacing: 0;
                        margin-bottom: 20px;
                        margin-top: 20px;
                    }

                    .plugin-row-header {
                        height: 35px;
                        line-height: 35px;
                        background: #f5f5f5;
                        font-size: 12px;
                        border: 1px solid #ddd;
                    }

                    .plugin-row {
                        height: 40px;
                        border: 1px solid #ddd;
                    }

                    .plugin-row td {
                        padding: 10px 0;
                        line-height: 20px;
                    }

                    .table-wrapper.details,
                    .table-wrapper.see-also {
                        margin: 0 0 20px 0;
                    }

                    .table-wrapper.details > table > tbody > tr > td {
                        padding: 5px 0;
                    }

                    .button {
                        display: block;
                        float: left;
                        line-height: 30px;
                        background: #eee;
                        border-radius: 3px;
                        cursor: pointer;
                        padding: 0 15px;
                    }

                    .button:hover {
                        background: #ccc;
                    }

                    .expand {
                        display: block;
                        float:right;
                        font-size: 12px;
                        color: #67ACE1;
                        cursor: pointer;
                        font-weight: 400;
                        line-height: 20px;
                        margin: 0 0 0 10px;
                    }

                    .expand:hover {
                        text-decoration: underline;
                    }

                    .expand-spacer {
                        display: block;
                        float:right;
                        font-size: 12px;
                        font-weight: 400;
                        line-height: 20px;
                        margin: 0 0 0 10px;
                    }

                    .details-header {
                        font-size: 14px;
                        font-weight: 700;
                        padding: 0 0 5px 0;
                        margin: 0 0 5px 0;
                        border-bottom: 1px dotted #ccc;
                    }

                    .offline {
                        background-image: -webkit-repeating-linear-gradient(135deg, transparent, transparent 5px, rgba(255, 255, 255, .2) 5px, rgba(255, 255, 255, .2) 10px) !important;
                        background-image: repeating-linear-gradient(135deg, transparent, transparent 5px, rgba(255, 255, 255, .2) 5px, rgba(255, 255, 255, .2) 10px) !important;
                    }

                    .acas-header {
                        padding: 0 10px;
                    }

                    .acas-header,
                    .acas-footer > h1 {
                        color: #fff;
                        font-weight: 700;
                        font-size: 15px;
                        text-align: center;
                    }

                    .table-desc > h5 {
                        color: #000;
                        text-align: left;
                        padding: 3px;
                        font-size: 14px;
                        font-weight: 300;
                        letter-spacing: 1px;
                        padding-top: 15px;
                        padding-bottom: 15px;
                    }

                </style><script type="text/javascript">
                        var toggle = function (id) {
                            var div = document.getElementById(id);
                            var button = document.getElementById(id + '-show');

                            if (!div || !button) {
                                return;
                            }

                            if (div.style.display === '' || div.style.display === 'block') {
                                button.style.display = 'block';
                                div.style.display = 'none';
                                adjustWatermark();
                                return;
                            }

                            button.style.display = 'none';
                            div.style.display = 'block';

                            adjustWatermark();
                        };

                        var toggleAll = function (hide) {
                            if (document.querySelectorAll('div.section-wrapper').length) {
                                toggleAllSection(hide);
                                adjustWatermark();
                                return;
                            }

                            var divs = document.querySelectorAll('div.table-wrapper');

                            for (var i = 0, il = divs.length; i < il; i++) {
                                var id = divs[i].getAttribute('id');
                                var div = document.getElementById(id);
                                var button = document.getElementById(id + '-show');

                                if (div && button) {
                                    if (hide) {
                                        button.style.display = 'block';
                                        div.style.display = 'none';
                                        adjustWatermark();
                                        continue;
                                    }

                                    button.style.display = 'none';
                                    div.style.display = 'block';
                                }
                            }
                            adjustWatermark();
                        };

                        var toggleSection = function (id) {
                            var div = document.getElementById(id);
                            var toggleText = document.getElementById(id.split('-')[0] + '-toggletext');

                            if (!div) {
                                return;
                            }

                            if (div.style.display !== 'none') {
                                toggleText.innerText = '+';
                                div.style.display = 'none';
                                adjustWatermark();
                                return;
                            }

                            toggleText.innerText = '-';
                            div.style.display = 'block';

                            adjustWatermark();
                        };

                        var toggleAllSection = function (hide) {
                            var divs = document.querySelectorAll('div.section-wrapper');

                            for (var i = 0, il = divs.length; i < il; i++) {
                                var id = divs[i].getAttribute('id');
                                var div = document.getElementById(id);
                                var toggleText = document.getElementById(id.split('-')[0] + '-toggletext');

                                if (div) {
                                    if (hide) {
                                        toggleText.innerText = '+';
                                        div.style.display = 'none';
                                        continue;
                                    }

                                    toggleText.innerText = '-';
                                    div.style.display = 'block';
                                }
                            }
                            adjustWatermark();
                        };

                        var adjustWatermark = function () {
                          if (document.getElementById('nessus-watermark')) {
                            let el = document.getElementById('nessus-watermark');
                            let body = document.body;
                            let html = document.documentElement;
                            let height = Math.max( body.scrollHeight, body.offsetHeight,
                                html.clientHeight, html.scrollHeight, html.offsetHeight );
                            el.setAttribute('height', body.offsetHeight);
                          }
                        };
                        </script></head><body><div id="report" style="width: 1024px; box-sizing: border-box; margin: 0 auto; background: #fff; padding: 0 20px 20px 20px; border-top: #263746 solid 3px; box-shadow: 0 2px 10px rgba(0, 0, 0, .2); margin-bottom: 20px; border-radius: 0 0 3px 3px;"><header style="width: 100%; border-bottom: 1px dotted #ccc; padding: 20px 0; margin: 0 0 20px 0;"><div style="float: left;"><h1><img src="" height="50" border="0" alt="Nessus Report" style="display: block;"></img></h1></div><div style="float: right;"><h1 style="font-size: 18px;"></h1><h2 style="color: #999; text-align: right">Report generated by Nessus™</h2></div><div class="clear"></div></header><div class="clear"></div><h3 style="font-size: 24px; font-weight: 300;">test</h3><h4 style="color: #999; border-bottom: 1px dotted #ccc; padding: 0 0 20px 0; margin: 0 0 20px 0;">Mon, 18 Sep 2023 11:26:54 CST</h4><div class="clear"></div><div style="width: 100%;"><h5 xmlns="" style="font-size: 16px; font-weight: 700; margin-bottom: 20px;">TABLE OF CONTENTS</h5>
<ul xmlns="" style="list-style-type: none; margin-bottom: 20px;">
<li style="font-size: 14px;">
<a href="#idp45189070390168" style="font-weight: 700;">Vulnerabilities by Host</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"><li style="margin: 0 0 10px 0; color: #000000;"><a href="#idp45189070391448">172.16.187.220</a></li></ul>
</li>
<li style="font-size: 14px;">
<a href="#idp45188419476248" style="font-weight: 700;">Compliance 'FAILED'</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"></ul>
</li>
<li style="font-size: 14px;">
<a href="#idp45188419476632" style="font-weight: 700;">Compliance 'SKIPPED'</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"></ul>
</li>
<li style="font-size: 14px;">
<a href="#idp45188419477016" style="font-weight: 700;">Compliance 'PASSED'</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"></ul>
</li>
<li style="font-size: 14px;">
<a href="#idp45188419477400" style="font-weight: 700;">Compliance 'INFO', 'WARNING', 'ERROR'</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"></ul>
</li>
<li style="font-size: 14px;">
<a href="#idp45188419477784" style="font-weight: 700;">Remediations</a><ul style="list-style-type: disc; margin: 10px 0 0 20px;"><li style="margin: 0 0 10px 0; color: #000000;"><a href="#idp45188419478168">Suggested Remediations</a></li></ul>
</li>
</ul>
<h6 xmlns="" id="idp45189070390168" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Vulnerabilities by Host<span onclick="toggleAll();" class="expand">Expand All</span><span class="expand-spacer"> | </span><span onclick="toggleAll(true);" class="expand">Collapse All</span>
</h6>
<div xmlns="" id="idp45189070391448" style="font-size: 22px; font-weight: 700; padding: 10px 0;">172.16.187.220<div class="clear"></div>
</div>
<div xmlns="" id="idp45189070836504" style="display: block;" class="table-wrapper ">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width=""></th>
<th width=""></th>
<th width=""></th>
<th width=""></th>
<th width=""></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#91243E" style=" " colspan="1"><div style="box-sizing: border-box; font-size: 45px; font-weight: 300; line-height: 80px; color: #fff; text-align: center; background: #91243E; border-radius: 3px 3px 0 0; width: 98%; margin: 0;">16</div></td>
<td class="#DD4B50" style=" " colspan="1"><div style="box-sizing: border-box; font-size: 45px; font-weight: 300; line-height: 80px; color: #fff; text-align: center; background: #DD4B50; border-radius: 3px 3px 0 0; width: 98%; margin: 0;">20</div></td>
<td class="#F18C43" style=" " colspan="1"><div style="box-sizing: border-box; font-size: 45px; font-weight: 300; line-height: 80px; color: #fff; text-align: center; background: #F18C43; border-radius: 3px 3px 0 0; width: 98%; margin: 0;">22</div></td>
<td class="#F8C851" style=" " colspan="1"><div style="box-sizing: border-box; font-size: 45px; font-weight: 300; line-height: 80px; color: #fff; text-align: center; background: #F8C851; border-radius: 3px 3px 0 0; width: 98%; margin: 0;">0</div></td>
<td class="#67ACE1" style=" " colspan="1"><div style="box-sizing: border-box; font-size: 45px; font-weight: 300; line-height: 80px; color: #fff; text-align: center; background: #67ACE1; border-radius: 3px 3px 0 0; width: 98%; margin: 0;">152</div></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1"><div style="font-size: 10px; text-transform: uppercase; padding: 5px 0; text-align: center; width: 98%; box-sizing: border-box; border-left: 1px solid #ddd; border-right: 1px solid #ddd; border-bottom: 1px solid #ddd; border-radius: 0 0 3px 3px;  margin: 0; margin-bottom: 15px;">Critical</div></td>
<td class="#ffffff" style=" " colspan="1"><div style="font-size: 10px; text-transform: uppercase; padding: 5px 0; text-align: center; width: 98%; box-sizing: border-box; border-left: 1px solid #ddd; border-right: 1px solid #ddd; border-bottom: 1px solid #ddd; border-radius: 0 0 3px 3px;  margin: 0; margin-bottom: 15px;">High</div></td>
<td class="#ffffff" style=" " colspan="1"><div style="font-size: 10px; text-transform: uppercase; padding: 5px 0; text-align: center; width: 98%; box-sizing: border-box; border-left: 1px solid #ddd; border-right: 1px solid #ddd; border-bottom: 1px solid #ddd; border-radius: 0 0 3px 3px;  margin: 0; margin-bottom: 15px;">Medium</div></td>
<td class="#ffffff" style=" " colspan="1"><div style="font-size: 10px; text-transform: uppercase; padding: 5px 0; text-align: center; width: 98%; box-sizing: border-box; border-left: 1px solid #ddd; border-right: 1px solid #ddd; border-bottom: 1px solid #ddd; border-radius: 0 0 3px 3px;  margin: 0; margin-bottom: 15px;">Low</div></td>
<td class="#ffffff" style=" " colspan="1"><div style="font-size: 10px; text-transform: uppercase; padding: 5px 0; text-align: center; width: 98%; box-sizing: border-box; border-left: 1px solid #ddd; border-right: 1px solid #ddd; border-bottom: 1px solid #ddd; border-radius: 0 0 3px 3px;  margin: 0; margin-bottom: 15px;">Info</div></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div xmlns="" class="details-header">Scan Information<div class="clear"></div>
</div>
<div xmlns="" id="idp45189071016984" style="display: block;" class="table-wrapper details">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="20%"></th>
<th width="80%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">Start time:</td>
<td class="#ffffff" style=" " colspan="1">Mon Sep 18 11:09:11 2023</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">End time:</td>
<td class="#ffffff" style=" " colspan="1">Mon Sep 18 11:26:53 2023</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div xmlns="" class="details-header">Host Information<div class="clear"></div>
</div>
<div xmlns="" id="idp45189071025176" style="display: block;" class="table-wrapper details">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="20%"></th>
<th width="80%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">IP:</td>
<td class="#ffffff" style=" " colspan="1">172.16.187.220</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">MAC Address:</td>
<td class="#ffffff" style=" " colspan="1">72:2E:BB:F4:EB:27 E2:B5:1D:83:EB:43 DA:1A:56:6D:A1:F0 02:12:57:39:16:FD 02:42:6D:1A:61:86 EE:CE:73:C5:5A:2C 02:42:3E:74:96:F5 CE:94:EF:3C:8F:6B EA:F3:50:31:59:9B 00:50:56:9B:47:A6 56:68:A9:0E:23:B3 62:51:C6:0C:15:D7 02:42:F6:95:F7:E4 2A:98:9C:35:ED:63 1A:3B:2A:DE:37:1E 7E:86:A3:C1:36:9A 02:42:F3:A7:8B:29</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">OS:</td>
<td class="#ffffff" style=" " colspan="1">Linux Kernel 3.10.0-1160.88.1.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div xmlns="" class="details-header">Vulnerabilities<div class="clear"></div>
</div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071035160" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071035160-container');" onmouseover="this.style.cursor='pointer'">156860 - Apache Log4j 1.x Multiple Vulnerabilities<div id="idp45189071035160-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071035160-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A logging library running on the remote host has multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no longer supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple vulnerabilities, including :<br> <br>  - Log4j includes a SocketServer that accepts serialized log events and deserializes them without verifying whether     the objects are allowed or not. This can provide an attack vector that can be exploited. (CVE-2019-17571)<br> <br>  - Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS     connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that     appender. (CVE-2020-9488)<br> <br>  - JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is     configured to reference an untrusted site or if the site referenced can be accesseed by the attacker.<br>    (CVE-2022-23302)<br> <br>Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071050008" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://logging.apache.org/log4j/1.2/" target="_blank">https://logging.apache.org/log4j/1.2/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to a version of Apache Log4j that is currently supported.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071081752" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17571" target="_blank">CVE-2019-17571</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9488" target="_blank">CVE-2020-9488</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23302" target="_blank">CVE-2022-23302</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23305" target="_blank">CVE-2022-23305</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23307" target="_blank">CVE-2022-23307</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26464" target="_blank">CVE-2023-26464</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0004</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0025</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/01/19, Modified: 2023/03/13<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/client/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/common/lib/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/server/minimal/lib/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/e9ec644e3140251dbd50af579fb8c1232b5554c05e1c2af159b722964c142e45/diff/usr/local/tomcat/webapps/ROOT.war<br>  Installed version : 1.2.17<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189071136792" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071136792-container');" onmouseover="this.style.cursor='pointer'">156057 - Apache Log4j 2.x &lt; 2.16.0 RCE<div id="idp45189071136792-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071136792-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A package installed on the remote host is affected by a remote code execution vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of Apache Log4j on the remote host is 2.x &lt; 2.12.2 / 2.16.0. It is, therefore, affected by a remote code execution vulnerability. The fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in a remote code execution (RCE) attack.<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071161368" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://github.com/advisories/GHSA-7rjr-3q55-vv33" target="_blank">https://github.com/advisories/GHSA-7rjr-3q55-vv33</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://access.redhat.com/security/cve/cve-2021-45046" target="_blank">https://access.redhat.com/security/cve/cve-2021-45046</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Apache Log4j version 2.3.1, 2.12.2, 2.16.0 or later, or apply the vendor mitigation.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.3 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.2 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071814552" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45046" target="_blank">CVE-2021-45046</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0573</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0598</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0597</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0596</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CISA-KNOWN-EXPLOITED:2023/05/22</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/14, Modified: 2023/05/01<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.13.0.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.2<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189071826584" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071826584-container');" onmouseover="this.style.cursor='pointer'">155999 - Apache Log4j &lt; 2.15.0 Remote Code Execution (Nix)<div id="idp45189071826584-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071826584-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A package installed on the remote host is affected by a remote code execution vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of Apache Log4j on the remote host is 2.x &lt; 2.3.1 / 2.4 &lt; 2.12.3 / 2.13 &lt; 2.15.0. It is, therefore, affected by a remote code execution vulnerability in the JDNI parser due to improper log validation. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. <br> <br>Log4j 1.x, which reached its End of Life prior to 2016, comes with JMSAppender which will perform a JNDI lookup if enabled in Log4j's configuration file, hence customers should evaluate triggers in 1.x based on the risk that it is EOL and whether JNDI lookups are enabled.<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071830680" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://github.com/apache/logging-log4j2/pull/608" target="_blank">https://github.com/apache/logging-log4j2/pull/608</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://logging.apache.org/log4j/2.x/security.html" target="_blank">https://logging.apache.org/log4j/2.x/security.html</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Apache Log4j version 2.3.1 / 2.12.3 / 2.15.0 or later, or apply the vendor mitigation.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.5 (CVSS:3.0/E:H/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.1 (CVSS2#E:H/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071844888" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44228" target="_blank">CVE-2021-44228</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0573</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CISA-KNOWN-EXPLOITED:2021/12/24</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0052</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2023-0004</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Exploitable With<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">CANVAS (true) Core Impact (true) <div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/10, Modified: 2023/02/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.13.0.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.2<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189071857048" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071857048-container');" onmouseover="this.style.cursor='pointer'">156032 - Apache Log4j Unsupported Version Detection<div id="idp45189071857048-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071857048-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A logging library running on the remote host is no longer supported.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version number, the installation of Apache Log4j on the remote host is no longer supported. Log4j reached its end of life prior to 2016.<br> <br>Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071864728" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?59f655a2" target="_blank">http://www.nessus.org/u?59f655a2</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to a version of Apache Log4j that is currently supported.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Critical<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071883288" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/13, Modified: 2022/05/18<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/client/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/common/lib/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/server/minimal/lib/log4j.jar<br>  Installed version : 1.2.16<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/e9ec644e3140251dbd50af579fb8c1232b5554c05e1c2af159b722964c142e45/diff/usr/local/tomcat/webapps/ROOT.war<br>  Installed version : 1.2.17<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189071904280" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071904280-container');" onmouseover="this.style.cursor='pointer'">161616 - Tenable Nessus 10.x &lt; 10.2.0 Third-Party Vulnerabilities (TNS-2022-11)<div id="idp45189071904280-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071904280-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple third-party vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.2.0. It is, therefore, affected by multiple vulnerabilities in third-party libraries, including:<br> <br>  - An integer overflow in storeRawNames in Expat (aka libexpat) before 2.4.5. (CVE-2022-25315)<br> <br>  - Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. (CVE-2022-23990)<br> <br>  - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. (CVE-2022-23852)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071909400" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-11" target="_blank">https://www.tenable.com/security/tns-2022-11</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.2.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.9 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071917208" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-25032" target="_blank">CVE-2018-25032</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41182" target="_blank">CVE-2021-41182</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41183" target="_blank">CVE-2021-41183</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41184" target="_blank">CVE-2021-41184</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23852" target="_blank">CVE-2022-23852</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23990" target="_blank">CVE-2022-23990</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25235" target="_blank">CVE-2022-25235</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25236" target="_blank">CVE-2022-25236</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25313" target="_blank">CVE-2022-25313</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25314" target="_blank">CVE-2022-25314</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25315" target="_blank">CVE-2022-25315</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/05/27, Modified: 2023/02/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.2.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071950232" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071950232-container');" onmouseover="this.style.cursor='pointer'">161616 - Tenable Nessus 10.x &lt; 10.2.0 Third-Party Vulnerabilities (TNS-2022-11)<div id="idp45189071950232-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071950232-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple third-party vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.2.0. It is, therefore, affected by multiple vulnerabilities in third-party libraries, including:<br> <br>  - An integer overflow in storeRawNames in Expat (aka libexpat) before 2.4.5. (CVE-2022-25315)<br> <br>  - Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. (CVE-2022-23990)<br> <br>  - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. (CVE-2022-23852)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071955352" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-11" target="_blank">https://www.tenable.com/security/tns-2022-11</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.2.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.9 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071963160" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-25032" target="_blank">CVE-2018-25032</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41182" target="_blank">CVE-2021-41182</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41183" target="_blank">CVE-2021-41183</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41184" target="_blank">CVE-2021-41184</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23852" target="_blank">CVE-2022-23852</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23990" target="_blank">CVE-2022-23990</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25235" target="_blank">CVE-2022-25235</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25236" target="_blank">CVE-2022-25236</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25313" target="_blank">CVE-2022-25313</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25314" target="_blank">CVE-2022-25314</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25315" target="_blank">CVE-2022-25315</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/05/27, Modified: 2023/02/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.2.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071996184" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071996184-container');" onmouseover="this.style.cursor='pointer'">166600 - Tenable Nessus 10.x &lt; 10.3.1 Multiple Vulnerabilities (TNS-2022-20)<div id="idp45189071996184-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071996184-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.3.1. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - A use-after-free vulnerability in the doContent function in xmlparse.c in libexpat. (CVE-2022-40674)<br> <br>  - A path traversal vulnerability in the locale string handling functionality of Moment.js. (CVE-2022-24785)<br> <br>  - A denial of service vulnerability in the string-to-date parsing functinality in Moment.js (CVE-2022-31129)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072001304" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-20" target="_blank">https://www.tenable.com/security/tns-2022-20</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.3.1 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.9 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072010136" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28458" target="_blank">CVE-2020-28458</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23445" target="_blank">CVE-2021-23445</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2309" target="_blank">CVE-2022-2309</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23308" target="_blank">CVE-2022-23308</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24785" target="_blank">CVE-2022-24785</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29824" target="_blank">CVE-2022-29824</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31129" target="_blank">CVE-2022-31129</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37434" target="_blank">CVE-2022-37434</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40674" target="_blank">CVE-2022-40674</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0059</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/10/27, Modified: 2023/04/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.3.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189072029464" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #91243E; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072029464-container');" onmouseover="this.style.cursor='pointer'">166600 - Tenable Nessus 10.x &lt; 10.3.1 Multiple Vulnerabilities (TNS-2022-20)<div id="idp45189072029464-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072029464-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.3.1. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - A use-after-free vulnerability in the doContent function in xmlparse.c in libexpat. (CVE-2022-40674)<br> <br>  - A path traversal vulnerability in the locale string handling functionality of Moment.js. (CVE-2022-24785)<br> <br>  - A denial of service vulnerability in the string-to-date parsing functinality in Moment.js (CVE-2022-31129)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072034584" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-20" target="_blank">https://www.tenable.com/security/tns-2022-20</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.3.1 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.9 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072043416" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28458" target="_blank">CVE-2020-28458</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23445" target="_blank">CVE-2021-23445</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2309" target="_blank">CVE-2022-2309</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23308" target="_blank">CVE-2022-23308</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24785" target="_blank">CVE-2022-24785</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29824" target="_blank">CVE-2022-29824</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31129" target="_blank">CVE-2022-31129</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37434" target="_blank">CVE-2022-37434</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40674" target="_blank">CVE-2022-40674</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0059</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/10/27, Modified: 2023/04/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.3.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189072079128" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072079128-container');" onmouseover="this.style.cursor='pointer'">156103 - Apache Log4j 1.2 JMSAppender Remote Code Execution (CVE-2021-4104)<div id="idp45189072079128-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072079128-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A package installed on the remote host is affected by a remote code execution vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of Apache Log4j on the remote host is 1.2. It is, therefore, affected by a remote code execution vulnerability when specifically configured to use JMSAppender.<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072082712" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?33485eac" target="_blank">http://www.nessus.org/u?33485eac</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://access.redhat.com/security/cve/CVE-2021-4104" target="_blank">https://access.redhat.com/security/cve/CVE-2021-4104</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Apache Log4j version 2.16.0 or later since 1.x is end of life.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.4 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072092824" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4104" target="_blank">CVE-2021-4104</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0573</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/15, Modified: 2022/04/11<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/client/log4j.jar<br>  Installed version : 1.2.16<br>  Fixed version     : 2.16.0<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/common/lib/log4j.jar<br>  Installed version : 1.2.16<br>  Fixed version     : 2.16.0<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/server/minimal/lib/log4j.jar<br>  Installed version : 1.2.16<br>  Fixed version     : 2.16.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189072115224" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072115224-container');" onmouseover="this.style.cursor='pointer'">179319 - CentOS 7 : bind (CESA-2023:4152)<div id="idp45189072115224-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072115224-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing a security update.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4152 advisory.<br> <br>  - Every `named` instance configured to run as a recursive resolver maintains a cache database holding the     responses to the queries it has recently sent to authoritative servers. The size limit for that cache     database can be configured using the `max-cache-size` statement in the configuration file; it defaults to     90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the     configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets     from the cache, to keep memory use below the configured limit. It has been discovered that the     effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the     resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size`     limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0     through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.<br>    (CVE-2023-2828)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072119576" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?6235f3eb" target="_blank">http://www.nessus.org/u?6235f3eb</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.8 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072128408" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2828" target="_blank">CVE-2023-2828</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0320</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:4152</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/03, Modified: 2023/08/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : bind-export-libs-9.11.4-26.P2.el7_9.13<br>Should be                : bind-export-libs-9.11.4-26.P2.el7_9.14<br> <br>Remote package installed : bind-libs-lite-9.11.4-26.P2.el7_9.13<br>Should be                : bind-libs-lite-9.11.4-26.P2.el7_9.14<br> <br>Remote package installed : bind-license-9.11.4-26.P2.el7_9.13<br>Should be                : bind-license-9.11.4-26.P2.el7_9.14<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189072136728" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072136728-container');" onmouseover="this.style.cursor='pointer'">178967 - CentOS 7 : emacs (CESA-2023:3481)<div id="idp45189072136728-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072136728-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing a security update.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3481 advisory.<br> <br>  - An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability.<br>    In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and     parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be     executed. (CVE-2022-48339)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072141080" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?a1415bc3" target="_blank">http://www.nessus.org/u?a1415bc3</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.8 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072161176" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48339" target="_blank">CVE-2022-48339</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:3481</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/77" target="_blank">CWE:77</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/28, Modified: 2023/07/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : emacs-filesystem-24.3-23.el7<br>Should be                : emacs-filesystem-24.3-23.el7_9.1<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189072172312" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072172312-container');" onmouseover="this.style.cursor='pointer'">178966 - CentOS 7 : git (CESA-2023:3263)<div id="idp45189072172312-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072172312-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing one or more security updates.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3263 advisory.<br> <br>  - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8,     2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a     path outside the working tree can be overwritten with partially controlled contents (corresponding to the     rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8,     2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with     `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch     before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file     exists. (CVE-2023-25652)<br> <br>  - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8,     2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs     that are longer than 1024 characters can used to exploit a bug in     `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary     configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section     associated with that submodule. When the attacker injects configuration values which specify executables     to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code     execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6,     2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted     repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. (CVE-2023-29007)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072181016" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?5322119f" target="_blank">http://www.nessus.org/u?5322119f</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.0 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.1 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072188824" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25652" target="_blank">CVE-2023-25652</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29007" target="_blank">CVE-2023-29007</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:3263</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/28, Modified: 2023/07/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : git-1.8.3.1-24.el7_9<br>Should be                : git-1.8.3.1-25.el7_9<br> <br>Remote package installed : perl-Git-1.8.3.1-24.el7_9<br>Should be                : perl-Git-1.8.3.1-25.el7_9<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070578712" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070578712-container');" onmouseover="this.style.cursor='pointer'">174680 - CentOS 7 : java-11-openjdk (CESA-2023:1875)<div id="idp45189070578712-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070578712-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing one or more security updates.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:1875 advisory.<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM     Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to     all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to     Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java     applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java     sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component,     e.g., through a web service which supplies data to the APIs. (CVE-2023-21930)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21937)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not     apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed     by an administrator). (CVE-2023-21938)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability     allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM     Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or     delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This     vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start     applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the     internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using     APIs in the specified Component, e.g., through a web service which supplies data to the APIs.<br>    (CVE-2023-21939)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability     allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21954)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM     Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21967)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21968)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070663960" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?0a11a259" target="_blank">http://www.nessus.org/u?0a11a259</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189072236440" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21930" target="_blank">CVE-2023-21930</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21937" target="_blank">CVE-2023-21937</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21938" target="_blank">CVE-2023-21938</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21939" target="_blank">CVE-2023-21939</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21954" target="_blank">CVE-2023-21954</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21967" target="_blank">CVE-2023-21967</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21968" target="_blank">CVE-2023-21968</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:1875</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/20" target="_blank">CWE:20</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/158" target="_blank">CWE:158</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/200" target="_blank">CWE:200</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/358" target="_blank">CWE:358</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/924" target="_blank">CWE:924</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/04/25, Modified: 2023/04/25<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : java-11-openjdk-11.0.18.0.10-1.el7_9<br>Should be                : java-11-openjdk-11.0.19.0.7-1.el7_9<br> <br>Remote package installed : java-11-openjdk-headless-11.0.18.0.10-1.el7_9<br>Should be                : java-11-openjdk-headless-11.0.19.0.7-1.el7_9<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070183192" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070183192-container');" onmouseover="this.style.cursor='pointer'">179318 - CentOS 7 : kernel (CESA-2023:4151)<div id="idp45189070183192-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070183192-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing a security update.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4151 advisory.<br> <br>  - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the     function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The     manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated     identifier of this vulnerability is VDB-211087. (CVE-2022-3564)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072247576" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?8c21eced" target="_blank">http://www.nessus.org/u?8c21eced</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.1 (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.2 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.8 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070191000" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3564" target="_blank">CVE-2022-3564</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:4151</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/416" target="_blank">CWE:416</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/03, Modified: 2023/08/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : kernel-3.10.0-1160.88.1.el7<br>Should be                : kernel-3.10.0-1160.95.1.el7<br> <br>Remote package installed : kernel-headers-3.10.0-1160.88.1.el7<br>Should be                : kernel-headers-3.10.0-1160.95.1.el7<br> <br>Remote package installed : kernel-tools-3.10.0-1160.88.1.el7<br>Should be                : kernel-tools-3.10.0-1160.95.1.el7<br> <br>Remote package installed : kernel-tools-libs-3.10.0-1160.88.1.el7<br>Should be                : kernel-tools-libs-3.10.0-1160.95.1.el7<br> <br>Remote package installed : python-perf-3.10.0-1160.88.1.el7<br>Should be                : python-perf-3.10.0-1160.95.1.el7<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189072261400" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072261400-container');" onmouseover="this.style.cursor='pointer'">178968 - CentOS 7 : python (CESA-2023:3555)<div id="idp45189072261400-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072261400-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing a security update.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3555 advisory.<br> <br>  - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting     methods by supplying a URL that starts with blank characters. (CVE-2023-24329)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415340824" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?926b7f9c" target="_blank">http://www.nessus.org/u?926b7f9c</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.7 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.1 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415349656" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24329" target="_blank">CVE-2023-24329</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0118-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:3555</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0283-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/20" target="_blank">CWE:20</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/28, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : python-2.7.5-92.el7_9<br>Should be                : python-2.7.5-93.el7_9<br> <br>Remote package installed : python-devel-2.7.5-92.el7_9<br>Should be                : python-devel-2.7.5-93.el7_9<br> <br>Remote package installed : python-libs-2.7.5-92.el7_9<br>Should be                : python-libs-2.7.5-93.el7_9<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415360024" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415360024-container');" onmouseover="this.style.cursor='pointer'">178973 - CentOS 7 : python3 (CESA-2023:3556)<div id="idp45188415360024-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415360024-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux host is missing a security update.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3556 advisory.<br> <br>  - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting     methods by supplying a URL that starts with blank characters. (CVE-2023-24329)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415364120" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?67406f19" target="_blank">http://www.nessus.org/u?67406f19</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update the affected packages.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.7 (CVSS:3.0/E:P/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.1 (CVSS2#E:POC/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415385240" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24329" target="_blank">CVE-2023-24329</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0118-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">RHSA:2023:3556</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0283-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/20" target="_blank">CWE:20</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/28, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote package installed : python3-3.6.8-18.el7<br>Should be                : python3-3.6.8-19.el7_9<br> <br>Remote package installed : python3-libs-3.6.8-18.el7<br>Should be                : python3-libs-3.6.8-19.el7_9<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415398936" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415398936-container');" onmouseover="this.style.cursor='pointer'">177395 - Jenkins LTS &lt; 2.401.1 / Jenkins weekly &lt; 2.400 XSRF<div id="idp45188415398936-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415398936-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An application running on a remote web server host is affected by multiple vulnerabilities<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.401.1 or Jenkins weekly prior to 2.400. It is, therefore, affected by the following vulnerability:<br> <br>  - In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of     context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be     tricked into sending a POST request to an unexpected endpoint by opening a context menu. (CVE-2023-35141)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070869528" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://jenkins.io/security/advisory/2023-06-14" target="_blank">https://jenkins.io/security/advisory/2023-06-14</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade Jenkins weekly to version 2.400 or later, or Jenkins LTS to version 2.401.1 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.0 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.0 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070710424" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35141" target="_blank">CVE-2023-35141</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">JENKINS:2023-06-14</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0309</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/06/16, Modified: 2023/06/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Product           : Jenkins Open Source LTS<br>  Path              : /usr/share/java/jenkins.war<br>  Installed version : 2.387.1<br>  Fixed version     : 2.401.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070717464" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070717464-container');" onmouseover="this.style.cursor='pointer'">178959 - Jenkins plugins Multiple Vulnerabilities (2023-07-26)<div id="idp45189070717464-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070717464-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An application running on a remote web server host is affected by multiple vulnerabilities<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities:<br> <br>  - Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not     being masked (i.e., replaced with asterisks) in the build log in some circumstances. (CVE-2023-39152)<br> <br>  - A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and     earlier allows attackers to trick users into logging in to the attacker's account. (CVE-2023-39153)<br> <br>  - Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow     attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-     specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.<br>    (CVE-2023-39154)<br> <br>  - Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the     potential for attackers to observe and capture it. (CVE-2023-39155)<br> <br>  - A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows     attackers to delete previously created Bazaar SCM tags. (CVE-2023-39156)<br> <br>  - Medium ServiceNow DevOps Plugin 1.38.0 and earlier does not perform a permission check in a method     implementing form validation. This allows attackers with Overall/Read permission to connect to an     attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing     credentials stored in Jenkins. Additionally, this form validation method does not require POST requests,     resulting in a cross-site request forgery (CSRF) vulnerability. ServiceNow DevOps Plugin 1.38.1 requires     POST requests and Overall/Administer permission for the affected form validation method. (CVE-2023-3414,     CVE-2023-3442)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070269720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://jenkins.io/security/advisory/2023-07-26" target="_blank">https://jenkins.io/security/advisory/2023-07-26</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update Jenkins plugins to the following versions:<br>  - Bazaar Plugin: See vendor advisory<br>  - Chef Identity Plugin: See vendor advisory<br>  - GitLab Authentication Plugin to version 1.18 or later<br>  - Gradle Plugin to version 2.8.1 or later<br>  - Qualys Web App Scanning Connector Plugin to version 2.0.11 or later<br>  - ServiceNow DevOps Plugin to version 1.38.1 or later<br> <br>See vendor advisory for more details.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.8 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070313368" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3414" target="_blank">CVE-2023-3414</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3442" target="_blank">CVE-2023-3442</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39152" target="_blank">CVE-2023-39152</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39153" target="_blank">CVE-2023-39153</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39154" target="_blank">CVE-2023-39154</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39155" target="_blank">CVE-2023-39155</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39156" target="_blank">CVE-2023-39156</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">JENKINS:2023-07-26</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0384</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/28, Modified: 2023/08/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Plugin            : Gradle Plugin<br>  Path              : /var/lib/jenkins/plugins/gradle<br>  Installed version : 2.3.2<br>  Fixed version     : 2.8.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070913048" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070913048-container');" onmouseover="this.style.cursor='pointer'">180006 - Jenkins plugins Multiple Vulnerabilities (2023-08-16)<div id="idp45189070913048-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070913048-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An application running on a remote web server host is affected by multiple vulnerabilities<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities:<br> <br>  - High Folders Plugin 6.846.v23698686f0f6 and earlier does not require POST requests for an HTTP endpoint,     resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to     copy an item, which could potentially automatically approve unsandboxed scripts and allow the execution of     unsafe scripts. An improvement added in Script Security Plugin 1265.va_fb_290b_4b_d34 and     1251.1253.v4e638b_e3b_221 prevents automatic approval of unsandboxed scripts when administrators copy     jobs, significantly reducing the impact of this vulnerability. Folders Plugin 6.848.ve3b_fd7839a_81     requires POST requests for the affected HTTP endpoint. (CVE-2023-40336)<br> <br>  - Medium Folders Plugin 6.846.v23698686f0f6 and earlier does not require POST requests for an HTTP endpoint,     resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to     copy a view inside a folder. Folders Plugin 6.848.ve3b_fd7839a_81 requires POST requests for the affected     HTTP endpoint. (CVE-2023-40337)<br> <br>  - Medium Folders Plugin displays an error message when attempting to access the Scan Organization Folder Log     if no logs are available. In Folders Plugin 6.846.v23698686f0f6 and earlier, this error message includes     the absolute path of a log file, exposing information about the Jenkins controller file system. Folders     Plugin 6.848.ve3b_fd7839a_81 does not display the absolute path of a log file in the error message.<br>    (CVE-2023-40338)<br> <br>  - Medium Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with     asterisks) credentials specified in configuration files when they're written to the build log. Config File     Provider Plugin 953.v0432a_802e4d2 masks credentials configured in configuration files if they appear in     the build log. (CVE-2023-40339)<br> <br>  - Medium NodeJS Plugin integrates with Config File Provider Plugin to specify custom NPM settings, including     credentials for authentication, in a Npm config file. NodeJS Plugin 1.6.0 and earlier does not properly     mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.<br>    NodeJS Plugin 1.6.0.1 masks credentials specified in the Npm config file in Pipeline build logs.<br>    (CVE-2023-40340)<br> <br>  - Medium Blue Ocean Plugin 1.27.5 and earlier does not require POST requests for an HTTP endpoint, resulting     in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to connect to an     attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. This issue     is due to an incomplete fix of SECURITY-2502. Blue Ocean Plugin 1.27.5.1 uses the configured SCM URL,     instead of a user-specified URL provided as a parameter to the HTTP endpoint. (CVE-2023-40341)<br> <br>  - Medium Fortify Plugin 22.1.38 and earlier does not perform permission checks in several HTTP endpoints.<br>    This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-     specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.<br>    Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery     (CSRF) vulnerability. Fortify Plugin 22.2.39 requires POST requests and the appropriate permissions for     the affected HTTP endpoints. (CVE-2023-4301, CVE-2023-4302)<br> <br>  - Medium Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method.<br>    This results in an HTML injection vulnerability. Since Jenkins 2.275 and LTS 2.263.2, a security hardening     for form validation responses prevents JavaScript execution, so no scripts can be injected. Fortify Plugin     22.2.39 removes HTML tags from the error message. (CVE-2023-4303)<br> <br>  - High Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on     the Jenkins UI. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers     able to control JUnit report file contents. Flaky Test Handler Plugin 1.2.3 escapes JUnit test contents     when showing them on the Jenkins UI. (CVE-2023-40342)<br> <br>  - Low Tuleap Authentication Plugin 1.1.20 and earlier does not use a constant-time comparison when checking     whether two authentication tokens are equal. This could potentially allow attackers to use statistical     methods to obtain a valid authentication token. Tuleap Authentication Plugin 1.1.21 uses a constant-time     comparison when validating authentication tokens. (CVE-2023-40343)<br> <br>  - Medium Delphix Plugin 3.0.2 and earlier does not perform a permission check in an HTTP endpoint. This     allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in     Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. An     enumeration of credentials IDs in Delphix Plugin 3.0.3 requires the appropriate permissions.<br>    (CVE-2023-40344)<br> <br>  - Medium Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup,     allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows     attackers with Overall/Read permission to access and capture credentials they are not entitled to. Delphix     Plugin 3.0.3 defines the appropriate context for credentials lookup. (CVE-2023-40345)<br> <br>  - High Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL. This results in a     stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs.<br>    Shortcut Job Plugin 0.5 escapes the shortcut redirection URL. (CVE-2023-40346)<br> <br>  - Medium Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate     context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the     global configuration. This allows attackers with Item/Configure permission to access and capture     credentials they are not entitled to. As of publication of this advisory, there is no fix. Learn why we     announce this. (CVE-2023-40347)<br> <br>  - Medium Gogs Plugin provides a webhook endpoint at /gogs-webhook that can be used to trigger builds of     jobs. In Gogs Plugin 1.0.15 and earlier, an option to specify a Gogs secret for this webhook is provided,     but not enabled by default. This allows unauthenticated attackers to trigger builds of jobs corresponding     to the attacker-specified job name. Additionally, the output of the webhook endpoint includes whether a     job corresponding to the attacker-specified job name exists, even if the attacker has no permission to     access it. As of publication of this advisory, there is no fix. Learn why we announce this.<br>    (CVE-2023-40348, CVE-2023-40349)<br> <br>  - High Docker Swarm Plugin processes Docker responses to generate the Docker Swarm Dashboard view. Docker     Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the     Docker Swarm Dashboard view. This results in a stored cross-site scripting (XSS) vulnerability exploitable     by attackers able to control responses from Docker. As of publication of this advisory, there is no fix.<br>    Learn why we announce this. (CVE-2023-40350)<br> <br>  - Medium Favorite View Plugin 5.v77a_37f62782d and earlier does not require POST requests for an HTTP     endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows     attackers to add or remove views from another user's favorite views tab bar. As of publication of this     advisory, there is no fix. Learn why we announce this. (CVE-2023-40351)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071558680" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://jenkins.io/security/advisory/2023-08-16" target="_blank">https://jenkins.io/security/advisory/2023-08-16</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Update Jenkins plugins to the following versions:<br>  - Blue Ocean Plugin to version 1.27.5.1 or later<br>  - Config File Provider Plugin to version 953.v0432a_802e4d2 or later<br>  - Delphix Plugin to version 3.0.3 or later<br>  - Docker Swarm Plugin: See vendor advisory<br>  - Favorite View Plugin: See vendor advisory<br>  - Flaky Test Handler Plugin to version 1.2.3 or later<br>  - Folders Plugin to version 6.848.ve3b_fd7839a_81 or later<br>  - Fortify Plugin to version 22.2.39 or later<br>  - Gogs Plugin: See vendor advisory<br>  - Maven Artifact ChoiceListProvider (Nexus) Plugin: See vendor advisory<br>  - NodeJS Plugin to version 1.6.0.1 or later<br>  - Shortcut Job Plugin to version 0.5 or later<br>  - Tuleap Authentication Plugin to version 1.1.21 or later<br> <br>See vendor advisory for more details.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Critical<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.4 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070460312" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4301" target="_blank">CVE-2023-4301</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4302" target="_blank">CVE-2023-4302</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4303" target="_blank">CVE-2023-4303</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40336" target="_blank">CVE-2023-40336</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40337" target="_blank">CVE-2023-40337</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40338" target="_blank">CVE-2023-40338</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40339" target="_blank">CVE-2023-40339</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40340" target="_blank">CVE-2023-40340</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40341" target="_blank">CVE-2023-40341</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40342" target="_blank">CVE-2023-40342</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40343" target="_blank">CVE-2023-40343</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40344" target="_blank">CVE-2023-40344</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40345" target="_blank">CVE-2023-40345</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40346" target="_blank">CVE-2023-40346</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40347" target="_blank">CVE-2023-40347</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40348" target="_blank">CVE-2023-40348</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40349" target="_blank">CVE-2023-40349</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40350" target="_blank">CVE-2023-40350</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40351" target="_blank">CVE-2023-40351</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">JENKINS:2023-08-16</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/21, Modified: 2023/08/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Plugin            : Folders Plugin<br>  Path              : /var/lib/jenkins/plugins/cloudbees-folder<br>  Installed version : 6.815.v0dd5a_cb_40e0e<br>  Fixed version     : 6.848.ve3b_fd7839a_81<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070503576" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070503576-container');" onmouseover="this.style.cursor='pointer'">174697 - OpenJDK 8 &lt;= 8u362 / 11.0.0 &lt;= 11.0.18 / 17.0.0 &lt;= 17.0.6 / 20.0.0 &lt;= 20.0.0 Multiple Vulnerabilities (2023-04-18<div id="idp45189070503576-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070503576-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">OpenJDK is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of OpenJDK installed on the remote host is prior to 8 &lt;= 8u362 / 11.0.0 &lt;= 11.0.18 / 17.0.0 &lt;= 17.0.6 / 20.0.0 &lt;= 20.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-04-18 advisory.<br> <br>Please Note: Java CVEs do not always include OpenJDK versions, but are confirmed separately by Tenable using the patch versions from the referenced OpenJDK security advisory.<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM     Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to     all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to     Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java     applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java     sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component,     e.g., through a web service which supplies data to the APIs. (CVE-2023-21930)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability     allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21954)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE,     Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM     Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21967)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18,     17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability     allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM     Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or     delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This     vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start     applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the     internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using     APIs in the specified Component, e.g., through a web service which supplies data to the APIs.<br>    (CVE-2023-21939)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not     apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed     by an administrator). (CVE-2023-21938)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21937)<br> <br>  - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE     (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf,     11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition     accessible data. Note: This vulnerability applies to Java deployments, typically in clients running     sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,     code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also     be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to     the APIs. (CVE-2023-21968)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070515736" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://openjdk.java.net/groups/vulnerability/advisories/2023-04-18" target="_blank">https://openjdk.java.net/groups/vulnerability/advisories/2023-04-18</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to an OpenJDK version greater than 8u362 / 11.0.18 / 17.0.6 / 20.0.0<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.4 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070752920" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21930" target="_blank">CVE-2023-21930</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21937" target="_blank">CVE-2023-21937</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21938" target="_blank">CVE-2023-21938</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21939" target="_blank">CVE-2023-21939</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21954" target="_blank">CVE-2023-21954</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21967" target="_blank">CVE-2023-21967</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21968" target="_blank">CVE-2023-21968</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/04/25, Modified: 2023/04/25<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64/<br>  Installed version : 11.0.18<br>  Fixed version     : Upgrade to a version greater than 11.0.18<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070781208" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070781208-container');" onmouseover="this.style.cursor='pointer'">166959 - Tenable Nessus 10.x &lt; 10.3.2 Multiple Vulnerabilities (TNS-2022-23)<div id="idp45189070781208-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070781208-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.3.2. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.<br>  (CVE-2022-3786, CVE-2022-3602)<br> <br>  - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in     XML_ExternalEntityParserCreate in out-of-memory situations. (CVE-2022-43680)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070786200" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-23" target="_blank">https://www.tenable.com/security/tns-2022-23</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.3.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.8 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070795032" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3602" target="_blank">CVE-2022-3602</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786" target="_blank">CVE-2022-3786</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-43680" target="_blank">CVE-2022-43680</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2022-A-0452-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2022-0036</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/11/04, Modified: 2023/03/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.3.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189070820632" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070820632-container');" onmouseover="this.style.cursor='pointer'">166959 - Tenable Nessus 10.x &lt; 10.3.2 Multiple Vulnerabilities (TNS-2022-23)<div id="idp45189070820632-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070820632-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.3.2. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.<br>  (CVE-2022-3786, CVE-2022-3602)<br> <br>  - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in     XML_ExternalEntityParserCreate in out-of-memory situations. (CVE-2022-43680)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070825624" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-23" target="_blank">https://www.tenable.com/security/tns-2022-23</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.3.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.8 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071575832" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3602" target="_blank">CVE-2022-3602</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786" target="_blank">CVE-2022-3786</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-43680" target="_blank">CVE-2022-43680</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2022-A-0452-S</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2022-0036</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/11/04, Modified: 2023/03/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.3.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071597336" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071597336-container');" onmouseover="this.style.cursor='pointer'">170167 - Tenable Nessus 10.x &lt; 10.4.2 Privilege Escalation (TNS-2023-01)<div id="idp45189071597336-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071597336-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by a privilege escalation vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.2. It is, therefore, affected by a privilege escalation vulnerability. An authenticated attacker could potentially execute a specially crafted file to obtain Root or NT AUTHORITY / SYSTEM privileges on the Nessus host.<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071600920" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2023-01" target="_blank">https://www.tenable.com/security/tns-2023-01</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.4.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.2 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.4 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071667096" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0101" target="_blank">CVE-2023-0101</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0050-S</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/01/19, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.4.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071673112" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071673112-container');" onmouseover="this.style.cursor='pointer'">170167 - Tenable Nessus 10.x &lt; 10.4.2 Privilege Escalation (TNS-2023-01)<div id="idp45189071673112-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071673112-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by a privilege escalation vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.2. It is, therefore, affected by a privilege escalation vulnerability. An authenticated attacker could potentially execute a specially crafted file to obtain Root or NT AUTHORITY / SYSTEM privileges on the Nessus host.<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071676696" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2023-01" target="_blank">https://www.tenable.com/security/tns-2023-01</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.4.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.8 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.2 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.4 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071685528" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0101" target="_blank">CVE-2023-0101</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0050-S</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/01/19, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.4.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071695640" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071695640-container');" onmouseover="this.style.cursor='pointer'">172124 - Tenable Nessus &lt;= 10.4.2 Multiple Vulnerabilities (TNS-2023-09)<div id="idp45189071695640-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071695640-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.4.2 or earlier. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 3.0.8, spin.js prior to version 2.3.2, and datatables.net prior to version 1.13.2:<br>    <br>    - An attacker that had observed a genuine connection between a client and a server could use the flaw to send trial       messages to the server and record the time taken to process them. After a sufficiently large number of messages       the attacker could recover the pre-master secret used for the original connection. (CVE-2022-4304)<br> <br>    - The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes any header data and the payload       data. Under certain conditions, a double free will occur. This will most likely lead to a crash. (CVE-2022-4450)<br> <br>    - The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. Under certain conditions,       the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously       freed filter BIO. This will most likely result in a crash. (CVE-2023-0215)<br> <br>    - An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data. The result of the       dereference is an application crash which could lead to a denial of service attack. (CVE-2023-0216)<br> <br>    - An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the       EVP_PKEY_public_check() function. This will most likely lead to an application crash. (CVE-2023-0217)<br> <br>    - A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash       algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the       digest initialization will fail. (CVE-2023-0401) <br> <br>    - A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking, which       might result in a crash which could lead to a denial of service attack. (CVE-2022-4203)<br> <br>    - All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for       https:/snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. (CVE-2020-28458)<br> <br>    - With the package datatables.net before 1.11.3 if an array is passed to the HTML escape entities function it would not       have its contents escaped. (CVE-2021-23445)<br> <br>    - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of       Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the       native Object.prototype. (CVE-2019-11358)<br> <br>    - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing &lt;option&gt; elements from untrusted       sources, even after sanitizing it, to one of jQuery DOM manipulation methods may execute untrusted code. (CVE-2020-11023)<br> <br>    - jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method that fails to recognize and remove &lt;script&gt;       HTML tags that contain a whitespace character and trigger execution of the enclosed script logic. (CVE-2020-7656)<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071704856" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2023-09" target="_blank">https://www.tenable.com/security/tns-2023-09</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?8230254d" target="_blank">http://www.nessus.org/u?8230254d</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.5.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.8 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.2 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071725720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358" target="_blank">CVE-2019-11358</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7656" target="_blank">CVE-2020-7656</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023" target="_blank">CVE-2020-11023</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28458" target="_blank">CVE-2020-28458</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23445" target="_blank">CVE-2021-23445</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4203" target="_blank">CVE-2022-4203</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4304" target="_blank">CVE-2022-4304</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4450" target="_blank">CVE-2022-4450</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0215" target="_blank">CVE-2023-0215</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0216" target="_blank">CVE-2023-0216</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0217" target="_blank">CVE-2023-0217</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0401" target="_blank">CVE-2023-0401</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0025</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0004</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/03/06, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415406360" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #DD4B50; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415406360-container');" onmouseover="this.style.cursor='pointer'">172124 - Tenable Nessus &lt;= 10.4.2 Multiple Vulnerabilities (TNS-2023-09)<div id="idp45188415406360-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415406360-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.4.2 or earlier. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 3.0.8, spin.js prior to version 2.3.2, and datatables.net prior to version 1.13.2:<br>    <br>    - An attacker that had observed a genuine connection between a client and a server could use the flaw to send trial       messages to the server and record the time taken to process them. After a sufficiently large number of messages       the attacker could recover the pre-master secret used for the original connection. (CVE-2022-4304)<br> <br>    - The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes any header data and the payload       data. Under certain conditions, a double free will occur. This will most likely lead to a crash. (CVE-2022-4450)<br> <br>    - The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. Under certain conditions,       the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously       freed filter BIO. This will most likely result in a crash. (CVE-2023-0215)<br> <br>    - An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data. The result of the       dereference is an application crash which could lead to a denial of service attack. (CVE-2023-0216)<br> <br>    - An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the       EVP_PKEY_public_check() function. This will most likely lead to an application crash. (CVE-2023-0217)<br> <br>    - A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash       algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the       digest initialization will fail. (CVE-2023-0401) <br> <br>    - A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking, which       might result in a crash which could lead to a denial of service attack. (CVE-2022-4203)<br> <br>    - All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for       https:/snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. (CVE-2020-28458)<br> <br>    - With the package datatables.net before 1.11.3 if an array is passed to the HTML escape entities function it would not       have its contents escaped. (CVE-2021-23445)<br> <br>    - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of       Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the       native Object.prototype. (CVE-2019-11358)<br> <br>    - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing &lt;option&gt; elements from untrusted       sources, even after sanitizing it, to one of jQuery DOM manipulation methods may execute untrusted code. (CVE-2020-11023)<br> <br>    - jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method that fails to recognize and remove &lt;script&gt;       HTML tags that contain a whitespace character and trigger execution of the enclosed script logic. (CVE-2020-7656)<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415415576" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2023-09" target="_blank">https://www.tenable.com/security/tns-2023-09</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?8230254d" target="_blank">http://www.nessus.org/u?8230254d</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.5.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.8 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.2 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415436440" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358" target="_blank">CVE-2019-11358</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7656" target="_blank">CVE-2020-7656</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023" target="_blank">CVE-2020-11023</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28458" target="_blank">CVE-2020-28458</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23445" target="_blank">CVE-2021-23445</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4203" target="_blank">CVE-2022-4203</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4304" target="_blank">CVE-2022-4304</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4450" target="_blank">CVE-2022-4450</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0215" target="_blank">CVE-2023-0215</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0216" target="_blank">CVE-2023-0216</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0217" target="_blank">CVE-2023-0217</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0401" target="_blank">CVE-2023-0401</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0025</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">CEA-ID:CEA-2021-0004</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/03/06, Modified: 2023/08/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415468312" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415468312-container');" onmouseover="this.style.cursor='pointer'">156327 - Apache Log4j 2.0 &lt; 2.3.2 / 2.4 &lt; 2.12.4 / 2.13 &lt; 2.17.1 RCE<div id="idp45188415468312-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415468312-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A package installed on the remote host is affected by a remote code execution vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of Apache Log4j on the remote host is 2.0 &lt; 2.3.2, 2.4 &lt; 2.12.4, or 2.13 &lt; 2.17.1. It is, therefore, affected by a remote code execution vulnerability. Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. <br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415471896" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://logging.apache.org/log4j/2.x/security.html" target="_blank">https://logging.apache.org/log4j/2.x/security.html</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.6 (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.8 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">8.5 (CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.3 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415493528" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44832" target="_blank">CVE-2021-44832</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0573</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/28, Modified: 2022/07/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.13.0.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.4<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.4<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415501976" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415501976-container');" onmouseover="this.style.cursor='pointer'">156183 - Apache Log4j 2.x &lt; 2.17.0 DoS<div id="idp45188415501976-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415501976-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A package installed on the remote host is affected by a denial of service vulnerability.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The version of Apache Log4j on the remote host is 2.x &lt; 2.3.1 / 2.13.2 / 2.17.0. It is, therefore, affected by a denial of service vulnerability. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example, $${ctx:loginId}), attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup, resulting in a StackOverflowError that will terminate the process.<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415505560" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://github.com/advisories/GHSA-p6xc-xr62-6r2g" target="_blank">https://github.com/advisories/GHSA-p6xc-xr62-6r2g</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://logging.apache.org/log4j/2.x/security.html" target="_blank">https://logging.apache.org/log4j/2.x/security.html</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Apache Log4j version 2.3.1, 2.12.3, 2.17.0 or later, or apply the vendor mitigation.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS:3.0/E:H/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.7 (CVSS2#E:H/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415519768" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45105" target="_blank">CVE-2021-45105</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0573</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2021-A-0598</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/18, Modified: 2022/04/11<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.13.0.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.3 / 2.17.0<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar<br>  Installed version : 2.11.1<br>  Fixed version     : 2.12.3 / 2.17.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415529112" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415529112-container');" onmouseover="this.style.cursor='pointer'">178903 - Jenkins LTS &lt; 2.401.3 / Jenkins weekly &lt; 2.416 Multiple Vulnerabilities<div id="idp45188415529112-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415529112-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An application running on a remote web server host is affected by a vulnerability<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.401.3 or Jenkins weekly prior to 2.416. It is, therefore, affected by multiple vulnerabilities:<br> <br>  - Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs     when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability     exploitable by attackers able to control build log contents. (CVE-2023-39151)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415533208" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://jenkins.io/security/advisory/2023-07-26" target="_blank">https://jenkins.io/security/advisory/2023-07-26</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade Jenkins weekly to version 2.416 or later, or Jenkins LTS to version 2.401.3 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.4 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.5 (CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.1 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071467288" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39151" target="_blank">CVE-2023-39151</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">JENKINS:2023-07-26</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0384</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/26, Modified: 2023/08/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Product           : Jenkins Open Source LTS<br>  Path              : /usr/share/java/jenkins.war<br>  Installed version : 2.387.1<br>  Fixed version     : 2.401.3<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071486744" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071486744-container');" onmouseover="this.style.cursor='pointer'">51192 - SSL Certificate Cannot Be Trusted<div id="idp45189071486744-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071486744-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate for this service cannot be trusted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :<br> <br>  - First, the top of the certificate chain sent by the     server might not be descended from a known public     certificate authority. This can occur either when the     top of the chain is an unrecognized, self-signed     certificate, or when intermediate certificates are     missing that would connect the top of the certificate     chain to a known public certificate authority.<br> <br>  - Second, the certificate chain may contain a certificate     that is not valid at the time of the scan. This can     occur either when the scan occurs before one of the     certificate's 'notBefore' dates, or after one of the     certificate's 'notAfter' dates.<br> <br>  - Third, the certificate chain may contain a signature     that either didn't match the certificate's information     or could not be verified. Bad signatures can be fixed by     getting the certificate with the bad signature to be     re-signed by its issuer. Signatures that could not be     verified are the result of the certificate's issuer     using a signing algorithm that Nessus either does not     support or does not recognize.<br> <br>If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071491864" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.itu.int/rec/T-REC-X.509/en" target="_blank">https://www.itu.int/rec/T-REC-X.509/en</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/X.509" target="_blank">https://en.wikipedia.org/wiki/X.509</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/12/15, Modified: 2020/04/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was at the top of the certificate<br>chain sent by the remote host, but it is signed by an unknown<br>certificate authority :<br> <br>|-Subject : O=Acunetix Ltd/OU=Acunetix Web Vulnerability Scanner/CN=awvs<br>|-Issuer  : O=Acunetix Ltd./OU=Acunetix WVS/CN=Acunetix WVS Root Authority (bpxzW)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415564440" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415564440-container');" onmouseover="this.style.cursor='pointer'">51192 - SSL Certificate Cannot Be Trusted<div id="idp45188415564440-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415564440-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate for this service cannot be trusted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :<br> <br>  - First, the top of the certificate chain sent by the     server might not be descended from a known public     certificate authority. This can occur either when the     top of the chain is an unrecognized, self-signed     certificate, or when intermediate certificates are     missing that would connect the top of the certificate     chain to a known public certificate authority.<br> <br>  - Second, the certificate chain may contain a certificate     that is not valid at the time of the scan. This can     occur either when the scan occurs before one of the     certificate's 'notBefore' dates, or after one of the     certificate's 'notAfter' dates.<br> <br>  - Third, the certificate chain may contain a signature     that either didn't match the certificate's information     or could not be verified. Bad signatures can be fixed by     getting the certificate with the bad signature to be     re-signed by its issuer. Signatures that could not be     verified are the result of the certificate's issuer     using a signing algorithm that Nessus either does not     support or does not recognize.<br> <br>If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415569560" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.itu.int/rec/T-REC-X.509/en" target="_blank">https://www.itu.int/rec/T-REC-X.509/en</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/X.509" target="_blank">https://en.wikipedia.org/wiki/X.509</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/12/15, Modified: 2020/04/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was at the top of the certificate<br>chain sent by the remote host, but it is signed by an unknown<br>certificate authority :<br> <br>|-Subject : C=CN/ST=Shanghai/L=Shanghai/O=Example Inc./OU=Web Security/CN=127.0.0.1<br>|-Issuer  : C=CN/ST=Shanghai/L=Shanghai/O=Example Inc./OU=Web Security/CN=127.0.0.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415591960" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415591960-container');" onmouseover="this.style.cursor='pointer'">51192 - SSL Certificate Cannot Be Trusted<div id="idp45188415591960-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415591960-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate for this service cannot be trusted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :<br> <br>  - First, the top of the certificate chain sent by the     server might not be descended from a known public     certificate authority. This can occur either when the     top of the chain is an unrecognized, self-signed     certificate, or when intermediate certificates are     missing that would connect the top of the certificate     chain to a known public certificate authority.<br> <br>  - Second, the certificate chain may contain a certificate     that is not valid at the time of the scan. This can     occur either when the scan occurs before one of the     certificate's 'notBefore' dates, or after one of the     certificate's 'notAfter' dates.<br> <br>  - Third, the certificate chain may contain a signature     that either didn't match the certificate's information     or could not be verified. Bad signatures can be fixed by     getting the certificate with the bad signature to be     re-signed by its issuer. Signatures that could not be     verified are the result of the certificate's issuer     using a signing algorithm that Nessus either does not     support or does not recognize.<br> <br>If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415597080" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.itu.int/rec/T-REC-X.509/en" target="_blank">https://www.itu.int/rec/T-REC-X.509/en</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/X.509" target="_blank">https://en.wikipedia.org/wiki/X.509</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/12/15, Modified: 2020/04/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was at the top of the certificate<br>chain sent by the remote host, but it is signed by an unknown<br>certificate authority :<br> <br>|-Subject : O=Nessus Users United/OU=Nessus Server/L=New York/C=US/ST=NY/CN=kubespray<br>|-Issuer  : O=Nessus Users United/OU=Nessus Certification Authority/L=New York/C=US/ST=NY/CN=Nessus Certification Authority<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415607320" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415607320-container');" onmouseover="this.style.cursor='pointer'">51192 - SSL Certificate Cannot Be Trusted<div id="idp45188415607320-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415607320-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate for this service cannot be trusted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :<br> <br>  - First, the top of the certificate chain sent by the     server might not be descended from a known public     certificate authority. This can occur either when the     top of the chain is an unrecognized, self-signed     certificate, or when intermediate certificates are     missing that would connect the top of the certificate     chain to a known public certificate authority.<br> <br>  - Second, the certificate chain may contain a certificate     that is not valid at the time of the scan. This can     occur either when the scan occurs before one of the     certificate's 'notBefore' dates, or after one of the     certificate's 'notAfter' dates.<br> <br>  - Third, the certificate chain may contain a signature     that either didn't match the certificate's information     or could not be verified. Bad signatures can be fixed by     getting the certificate with the bad signature to be     re-signed by its issuer. Signatures that could not be     verified are the result of the certificate's issuer     using a signing algorithm that Nessus either does not     support or does not recognize.<br> <br>If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189072213528" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.itu.int/rec/T-REC-X.509/en" target="_blank">https://www.itu.int/rec/T-REC-X.509/en</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/X.509" target="_blank">https://en.wikipedia.org/wiki/X.509</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/12/15, Modified: 2020/04/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was at the top of the certificate<br>chain sent by the remote host, but it is signed by an unknown<br>certificate authority :<br> <br>|-Subject : O=6a4ec7da413943ac87428e1dc85c97c9/CN=kubespray<br>|-Issuer  : O=6a4ec7da413943ac87428e1dc85c97c9/CN=kubespray<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189072227736" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189072227736-container');" onmouseover="this.style.cursor='pointer'">57582 - SSL Self-Signed Certificate<div id="idp45189072227736-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189072227736-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate chain for this service ends in an unrecognized self-signed certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The X.509 certificate chain for this service is not signed by a recognized certificate authority.  If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host. <br> <br>Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2012/01/17, Modified: 2022/06/14<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was found at the top of the certificate<br>chain sent by the remote host, but is self-signed and was not<br>found in the list of known certificate authorities :<br> <br>|-Subject : C=CN/ST=Shanghai/L=Shanghai/O=Example Inc./OU=Web Security/CN=127.0.0.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189070624920" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070624920-container');" onmouseover="this.style.cursor='pointer'">57582 - SSL Self-Signed Certificate<div id="idp45189070624920-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070624920-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSL certificate chain for this service ends in an unrecognized self-signed certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The X.509 certificate chain for this service is not signed by a recognized certificate authority.  If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host. <br> <br>Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Purchase or generate a proper SSL certificate for this service.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2012/01/17, Modified: 2022/06/14<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following certificate was found at the top of the certificate<br>chain sent by the remote host, but is self-signed and was not<br>found in the list of known certificate authorities :<br> <br>|-Subject : O=6a4ec7da413943ac87428e1dc85c97c9/CN=kubespray<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45189070258968" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070258968-container');" onmouseover="this.style.cursor='pointer'">157288 - TLS Version 1.1 Protocol Deprecated<div id="idp45189070258968-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070258968-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using an older version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1<br> <br>As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070262552" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://datatracker.ietf.org/doc/html/rfc8996" target="_blank">https://datatracker.ietf.org/doc/html/rfc8996</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?c8ae820d" target="_blank">http://www.nessus.org/u?c8ae820d</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.1 (CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070650008" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/327" target="_blank">CWE:327</a></td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/04/04, Modified: 2023/04/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.1 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415634328" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415634328-container');" onmouseover="this.style.cursor='pointer'">166670 - Tenable Nessus 10.x &lt; 10.4.0 Multiple Vulnerabilities (TNS-2022-21)<div id="idp45188415634328-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415634328-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.0. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a     scenario where unauthorized disclosure of agent logs and data is present. (CVE-2022-3499)   <br>  - An authenticated attacker could modify the client-side behavior to bypass the protection mechanisms resulting in     potentially unexpected interactions between the client and server. (CVE-2022-3498)<br> <br>  - Cross-site scripting in the checkboxradio widget in JQuery UI. (CVE-2022-31160)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415639192" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-21" target="_blank">https://www.tenable.com/security/tns-2022-21</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.4.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.2 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189071523096" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10744" target="_blank">CVE-2016-10744</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41182" target="_blank">CVE-2021-41182</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41183" target="_blank">CVE-2021-41183</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41184" target="_blank">CVE-2021-41184</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3498" target="_blank">CVE-2022-3498</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3499" target="_blank">CVE-2022-3499</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31160" target="_blank">CVE-2022-31160</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/10/28, Modified: 2023/03/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.4.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071547416" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071547416-container');" onmouseover="this.style.cursor='pointer'">166670 - Tenable Nessus 10.x &lt; 10.4.0 Multiple Vulnerabilities (TNS-2022-21)<div id="idp45189071547416-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071547416-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus running on the remote host is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.0. It is, therefore, affected by multiple vulnerabilities, including:<br> <br>  - An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a     scenario where unauthorized disclosure of agent logs and data is present. (CVE-2022-3499)   <br>  - An authenticated attacker could modify the client-side behavior to bypass the protection mechanisms resulting in     potentially unexpected interactions between the client and server. (CVE-2022-3498)<br> <br>  - Cross-site scripting in the checkboxradio widget in JQuery UI. (CVE-2022-31160)<br> <br>Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415647512" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/tns-2022-21" target="_blank">https://www.tenable.com/security/tns-2022-21</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus version 10.4.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.2 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070441880" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10744" target="_blank">CVE-2016-10744</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41182" target="_blank">CVE-2021-41182</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41183" target="_blank">CVE-2021-41183</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41184" target="_blank">CVE-2021-41184</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3498" target="_blank">CVE-2022-3498</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3499" target="_blank">CVE-2022-3499</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31160" target="_blank">CVE-2022-31160</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/10/28, Modified: 2023/03/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.4.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189070453912" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189070453912-container');" onmouseover="this.style.cursor='pointer'">175427 - Tenable Nessus &lt; 10.5.2 Multiple Vulnerabilities (TNS-2023-20)<div id="idp45189070453912-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189070453912-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-20 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. Several of the third-party     components (libxml2, libxslt) were found to contain vulnerabilities, and updated versions have been made     available by the provider.    Out of caution and in line with best practice, Tenable has opted to upgrade     these components to address the potential impact of the issues. Nessus 10.5.2 updates libxml2 to version     2.11.1 and libxslt to version 1.1.37 to address the identified vulnerabilities. Tenable has released     Nessus 10.5.2 to address these issues. The installation files can be obtained from the Tenable Downloads     Portal (https://www.tenable.com/downloads/nessus). (CVE-2022-29824, CVE-2023-28484, CVE-2023-29469)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189070736536" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?41bd64ec" target="_blank">http://www.nessus.org/u?41bd64ec</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-20" target="_blank">https://www.tenable.com/security/TNS-2023-20</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.0 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.6 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45189070745112" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29824" target="_blank">CVE-2022-29824</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28484" target="_blank">CVE-2023-28484</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29469" target="_blank">CVE-2023-29469</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/05/12, Modified: 2023/05/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45189071641368" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45189071641368-container');" onmouseover="this.style.cursor='pointer'">175427 - Tenable Nessus &lt; 10.5.2 Multiple Vulnerabilities (TNS-2023-20)<div id="idp45189071641368-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45189071641368-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-20 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. Several of the third-party     components (libxml2, libxslt) were found to contain vulnerabilities, and updated versions have been made     available by the provider.    Out of caution and in line with best practice, Tenable has opted to upgrade     these components to address the potential impact of the issues. Nessus 10.5.2 updates libxml2 to version     2.11.1 and libxslt to version 1.1.37 to address the identified vulnerabilities. Tenable has released     Nessus 10.5.2 to address these issues. The installation files can be obtained from the Tenable Downloads     Portal (https://www.tenable.com/downloads/nessus). (CVE-2022-29824, CVE-2023-28484, CVE-2023-29469)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45189071645464" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?41bd64ec" target="_blank">http://www.nessus.org/u?41bd64ec</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-20" target="_blank">https://www.tenable.com/security/TNS-2023-20</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.2 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.0 (CVSS:3.0/E:F/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.6 (CVSS2#E:F/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415650968" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29824" target="_blank">CVE-2022-29824</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28484" target="_blank">CVE-2023-28484</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29469" target="_blank">CVE-2023-29469</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/05/12, Modified: 2023/05/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415662488" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415662488-container');" onmouseover="this.style.cursor='pointer'">177925 - Tenable Nessus &lt; 10.5.3 Multiple Vulnerabilities (TNS-2023-22)<div id="idp45188415662488-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415662488-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-22 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. One of the third-party     components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available     by the provider. Out of caution and in line with best practice, Tenable has opted to upgrade these     components to address the potential impact of the issues. Nessus 10.5.3 updates OpenSSL to version 3.0.9     to address the identified vulnerabilities. Tenable has released Nessus 10.5.3 to address these issues.<br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415666840" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?48b7ba11" target="_blank">http://www.nessus.org/u?48b7ba11</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-22" target="_blank">https://www.tenable.com/security/TNS-2023-22</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.3 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.6 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415675416" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0465" target="_blank">CVE-2023-0465</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0466" target="_blank">CVE-2023-0466</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1255" target="_blank">CVE-2023-1255</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2650" target="_blank">CVE-2023-2650</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/04, Modified: 2023/07/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.3<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415696280" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415696280-container');" onmouseover="this.style.cursor='pointer'">177925 - Tenable Nessus &lt; 10.5.3 Multiple Vulnerabilities (TNS-2023-22)<div id="idp45188415696280-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415696280-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-22 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. One of the third-party     components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available     by the provider. Out of caution and in line with best practice, Tenable has opted to upgrade these     components to address the potential impact of the issues. Nessus 10.5.3 updates OpenSSL to version 3.0.9     to address the identified vulnerabilities. Tenable has released Nessus 10.5.3 to address these issues.<br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415704728" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?48b7ba11" target="_blank">http://www.nessus.org/u?48b7ba11</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-22" target="_blank">https://www.tenable.com/security/TNS-2023-22</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.3 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.6 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415713304" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0465" target="_blank">CVE-2023-0465</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0466" target="_blank">CVE-2023-0466</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1255" target="_blank">CVE-2023-1255</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2650" target="_blank">CVE-2023-2650</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/07/04, Modified: 2023/07/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.3<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415721880" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415721880-container');" onmouseover="this.style.cursor='pointer'">179358 - Tenable Nessus &lt; 10.5.4 Multiple Vulnerabilities (TNS-2023-27)<div id="idp45188415721880-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415721880-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-27 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. One of the third-party     components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available     by the provider. Out of caution and in line with best practice, Tenable has opted to upgrade these     components to address the potential impact of the issues. Nessus 10.5.4 updates OpenSSL to version 3.0.10     to address the identified vulnerabilities. Tenable has released Nessus 10.5.4 to address these issues.<br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-3446, CVE-2023-3817)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415738520" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?b1d3eebd" target="_blank">http://www.nessus.org/u?b1d3eebd</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-27" target="_blank">https://www.tenable.com/security/TNS-2023-27</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.4 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.6 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415747096" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446" target="_blank">CVE-2023-3446</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817" target="_blank">CVE-2023-3817</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/04, Modified: 2023/08/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.4<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415757464" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415757464-container');" onmouseover="this.style.cursor='pointer'">179358 - Tenable Nessus &lt; 10.5.4 Multiple Vulnerabilities (TNS-2023-27)<div id="idp45188415757464-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415757464-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.4. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-27 advisory.<br> <br>  - Nessus leverages third-party software to help provide underlying functionality. One of the third-party     components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available     by the provider. Out of caution and in line with best practice, Tenable has opted to upgrade these     components to address the potential impact of the issues. Nessus 10.5.4 updates OpenSSL to version 3.0.10     to address the identified vulnerabilities. Tenable has released Nessus 10.5.4 to address these issues.<br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-3446, CVE-2023-3817)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415761816" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?b1d3eebd" target="_blank">http://www.nessus.org/u?b1d3eebd</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-27" target="_blank">https://www.tenable.com/security/TNS-2023-27</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.5.4 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Medium<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">4.6 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">3.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415770392" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3446" target="_blank">CVE-2023-3446</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3817" target="_blank">CVE-2023-3817</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/04, Modified: 2023/08/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.5.4<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415776664" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415776664-container');" onmouseover="this.style.cursor='pointer'">180253 - Tenable Nessus &lt; 10.6.0 Multiple Vulnerabilities (TNS-2023-29)<div id="idp45188415776664-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415776664-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-29 advisory.<br> <br>  - A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges     could uncover stored SMTP credentials within the Nessus application. (CVE-2023-3251)     <br>  - An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges     could alter logging variables to overwrite arbitrary files on the remote host with log data, which could     lead to a denial of service condition. (CVE-2023-3252)<br> <br>  - An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could     view a list of all the users available in the application. (CVE-2023-3253)<br> <br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-3251, CVE-2023-3252, CVE-2023-3253)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415782040" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?db90e0fd" target="_blank">http://www.nessus.org/u?db90e0fd</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-29" target="_blank">https://www.tenable.com/security/TNS-2023-29</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.6.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.7 (CVSS2#AV:N/AC:L/Au:M/C:N/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415791640" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3251" target="_blank">CVE-2023-3251</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3252" target="_blank">CVE-2023-3252</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3253" target="_blank">CVE-2023-3253</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0445</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/29, Modified: 2023/09/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path              : /opt/nessus<br>  Installed version : 10.1.2<br>  Fixed version     : 10.6.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415816344" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #F18C43; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415816344-container');" onmouseover="this.style.cursor='pointer'">180253 - Tenable Nessus &lt; 10.6.0 Multiple Vulnerabilities (TNS-2023-29)<div id="idp45188415816344-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415816344-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An instance of Nessus installed on the remote system is affected by multiple vulnerabilities.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-29 advisory.<br> <br>  - A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges     could uncover stored SMTP credentials within the Nessus application. (CVE-2023-3251)     <br>  - An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges     could alter logging variables to overwrite arbitrary files on the remote host with log data, which could     lead to a denial of service condition. (CVE-2023-3252)<br> <br>  - An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could     view a list of all the users available in the application. (CVE-2023-3253)<br> <br>    The installation files can be obtained from the Tenable Downloads Portal     (https://www.tenable.com/downloads/nessus). (CVE-2023-3251, CVE-2023-3252, CVE-2023-3253)<br> <br>Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415821720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?db90e0fd" target="_blank">http://www.nessus.org/u?db90e0fd</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/security/TNS-2023-29" target="_blank">https://www.tenable.com/security/TNS-2023-29</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Upgrade to Tenable Nessus 10.6.0 or later.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">High<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">6.5 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS:3.0/E:U/RL:O/RC:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">7.7 (CVSS2#AV:N/AC:L/Au:M/C:N/I:C/A:C)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Temporal Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">5.7 (CVSS2#E:U/RL:OF/RC:C)<div class="clear"></div>
</div>
<div class="details-header">STIG Severity<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">I<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415831320" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3251" target="_blank">CVE-2023-3251</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3252" target="_blank">CVE-2023-3252</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3253" target="_blank">CVE-2023-3253</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:2023-A-0445</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/29, Modified: 2023/09/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL               : https://172.16.187.220:8834/<br>  Installed version : 10.1.2<br>  Fixed version     : 10.6.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188415843736" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415843736-container');" onmouseover="this.style.cursor='pointer'">148375 - AdoptOpenJDK Java Detection (Linux / Unix)<div id="idp45188415843736-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415843736-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A distribution of Java is installed on the remote Linux / Unix host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">One or more instances of AdoptOpenJDK Java are installed on the remote host.  This may include private JREs bundled with the Java Development Kit (JDK).<br> <br>Notes:<br> <br>  - Addition information provided in plugin     Java Detection and Identification (Unix)<br> <br>  - Additional instances of Java may be discovered by enabling thorough     tests<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415860632" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://adoptopenjdk.net/" target="_blank">https://adoptopenjdk.net/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/04/07, Modified: 2023/07/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path            : /usr/share/elasticsearch/jdk/<br>  Version         : 1.16.36<br>  Binary Location : /usr/share/elasticsearch/jdk/bin/java<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415867032" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415867032-container');" onmouseover="this.style.cursor='pointer'">121575 - Ansible Installed (Linux/UNIX)<div id="idp45188415867032-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415867032-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Ansible is installed on this host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Ansible, an IT automation and management application, was found on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415870104" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.ansible.com/products/network-automation" target="_blank">https://www.ansible.com/products/network-automation</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2019/02/04, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path            : /usr/local/lib/python3.6/site-packages/ansible/module_utils/ansible_release.py<br>  Version         : 2.10.17<br>  Executable Path : /usr/local/bin/ansible<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188415876504" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188415876504-container');" onmouseover="this.style.cursor='pointer'">156000 - Apache Log4j Installed (Linux / Unix)<div id="idp45188415876504-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188415876504-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Apache Log4j, a logging API, is installed on the remote Linux / Unix host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">One or more instances of Apache Log4j, a logging API, are installed on the remote Linux / Unix Host.<br> <br>The plugin timeout can be set to a custom value other than the plugin's default of 45 minutes via the 'timeout.156000' scanner setting in Nessus 8.15.1 or later.<br> <br>Please see https://docs.tenable.com/nessus/Content/SettingsAdvanced.htm#Custom for more information.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188415880600" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://logging.apache.org/log4j/2.x/" target="_blank">https://logging.apache.org/log4j/2.x/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188415884312" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVA:0001-A-0650</td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0941</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/12/10, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus detected 6 installs of Apache Log4j:<br> <br>  Path                           : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/common/lib/log4j.jar<br>  Version                        : 1.2.16<br>  JMSAppender.class association  : Found<br>  JdbcAppender.class association : Found<br>  JndiLookup.class association   : Not Found<br>  Method                         : MANIFEST.MF dependency<br> <br>  Path                           : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/server/minimal/lib/log4j.jar<br>  Version                        : 1.2.16<br>  JMSAppender.class association  : Found<br>  JdbcAppender.class association : Found<br>  JndiLookup.class association   : Not Found<br>  Method                         : MANIFEST.MF dependency<br> <br>  Path                           : /usr/share/elasticsearch/lib/log4j-core-2.11.1.jar<br>  Version                        : 2.11.1<br>  JMSAppender.class association  : Found<br>  JdbcAppender.class association : Found<br>  JndiLookup.class association   : Found<br>  Method                         : log4j-core file search<br> <br>  Path                           : /usr/share/elasticsearch/bin/elasticsearch-sql-cli-7.13.0.jar<br>  Version                        : 2.11.1<br>  JMSAppender.class association  : Found<br>  JdbcAppender.class association : Found<br>  JndiLookup.class association   : Found<br>  Method                         : pom.properties dependency<br> <br>  Path                           : /var/lib/docker/overlay2/b85d05969144e6dbb355e17783ad9b85aea3814cd43c00d594021b0e57435b9a/diff/jboss-6.1.0.Final/client/log4j.jar<br>  Version                        : 1.2.16<br>  JMSAppender.class association  : Found<br>  JdbcAppender.class association : Found<br>  JndiLookup.class association   : Not Found<br>  Method                         : MANIFEST.MF dependency<br> <br>  Path                           : /var/lib/docker/overlay2/e9ec644e3140251dbd50af579fb8c1232b5554c05e1c2af159b722964c142e45/diff/usr/local/tomcat/webapps/ROOT.war<br>  Version                        : 1.2.17<br>  Archive Location               : WEB-INF/lib/log4j-1.2.17.jar<br>  JMSAppender.class association  : Not Found<br>  JdbcAppender.class association : Not Found<br>  JndiLookup.class association   : Not Found<br>  Method                         : log4j-core dependency search<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <br>Note: This plugin was unable to inspect the top-level contents of all .jar archives found because one or more have been logged as having invalid filenames.<br> <br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416006680" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416006680-container');" onmouseover="this.style.cursor='pointer'">34098 - BIOS Info (SSH)<div id="idp45188416006680-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416006680-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">BIOS info could be read.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using SMBIOS and UEFI, it was possible to get BIOS info.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">N/A<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/09/08, Modified: 2023/07/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Version      : 6.00<br>Vendor       : Phoenix Technologies LTD<br>Release Date : 12/12/2018<br>UUID         : 57431b42-638f-c077-df52-fe52f43ee3e6<br>Secure boot  : disabled<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416018840" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416018840-container');" onmouseover="this.style.cursor='pointer'">45590 - Common Platform Enumeration (CPE)<div id="idp45188416018840-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416018840-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It was possible to enumerate CPE names that matched on the remote system.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host. <br> <br>Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416022424" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://cpe.mitre.org/" target="_blank">http://cpe.mitre.org/</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://nvd.nist.gov/products/cpe" target="_blank">https://nvd.nist.gov/products/cpe</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/04/21, Modified: 2023/07/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The remote operating system matched the following CPE : <br> <br>  cpe:/o:centos:centos:7:update9 -&gt; CentOS<br> <br>Following application CPE's matched on the remote system : <br> <br>  cpe:/a:apache:log4j:1.2.16 -&gt; Apache Software Foundation log4j<br>  cpe:/a:apache:log4j:1.2.17 -&gt; Apache Software Foundation log4j<br>  cpe:/a:apache:log4j:2.11.1 -&gt; Apache Software Foundation log4j<br>  cpe:/a:docker:docker:23.0.1 -&gt; Docker<br>  cpe:/a:elastic:elasticsearch:7.13.0 -&gt; Elastic Elasticsearch<br>  cpe:/a:gnupg:libgcrypt:1.5.3 -&gt; GnuPG Libgcrypt<br>  cpe:/a:igor_sysoev:nginx:1.19.9 -&gt; Nginx<br>  cpe:/a:igor_sysoev:nginx:1.20.1 -&gt; Nginx<br>  cpe:/a:jenkins:jenkins:2.387.1 -&gt; Jenkins<br>  cpe:/a:nginx:nginx -&gt; Nginx<br>  cpe:/a:nginx:nginx:1.19.9 -&gt; Nginx<br>  cpe:/a:nginx:nginx:1.20.1 -&gt; Nginx<br>  cpe:/a:openbsd:openssh:8.6 -&gt; OpenBSD OpenSSH<br>  cpe:/a:openssl:openssl:1.0.2k -&gt; OpenSSL Project OpenSSL<br>  cpe:/a:oracle:openjdk:1.11.0.18.10 -&gt; Oracle OpenJDK -<br>  cpe:/a:redhat:ansible:2.10.17 -&gt; Red Hat Ansible<br>  cpe:/a:sqlite:sqlite:3.7.17 -&gt; SQLite<br>  cpe:/a:tenable:nessus:10.1.2 -&gt; Tenable Nessus<br>  x-cpe:/a:adopt-openjdk::1.16.36<br>  x-cpe:/a:java:jre:1.11.0.18.10<br>  x-cpe:/a:java:jre:1.16.36<br>  x-cpe:/a:microsoft:odbc_driver_for_sql_server:17.10.4.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416040088" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416040088-container');" onmouseover="this.style.cursor='pointer'">55472 - Device Hostname<div id="idp45188416040088-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416040088-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It was possible to determine the remote system hostname.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin reports a device's hostname collected via SSH or WMI.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/06/30, Modified: 2023/08/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Hostname : kubespray<br>    kubespray (hostname command)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416047640" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416047640-container');" onmouseover="this.style.cursor='pointer'">54615 - Device Type<div id="idp45188416047640-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416047640-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It is possible to guess the remote device type.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/05/23, Modified: 2022/09/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Remote device type : general-purpose<br>Confidence level : 100<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416071320" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416071320-container');" onmouseover="this.style.cursor='pointer'">111529 - Docker Container Number of Changed Files<div id="idp45188416071320-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416071320-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Checks for changes in running Docker containers and reports how many files changed.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin checks the docker diff information for each container and reports the number of changed files.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416074392" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.docker.com/" target="_blank">https://www.docker.com/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/08/03, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Docker container 934e0f2e8d4c2f71b4b4134359081e80454b0d6f7ec46a049692c70a5abe2da3 has 10 changed files<br> <br>Docker container d5b3428e030fe7433ce6bfddb3300ee6f0d12690dac45608c67483809eb4a32d has 6 changed files<br> <br>Docker container 80afa781401ffe6e5a65049e2310c95a08e7c30d10257f57bd87f0ba9f4b81f8 has 7 changed files<br> <br>Docker container b085cf3fb55a4abe8733c399742b09239ea9a0ace5d6140e67690887dedc1e36 has 5 changed files<br> <br>Docker container 3a98b4be179d575230e1ee29ad81124f9e9606f18d305da7da6f84ff4fa589ec has 484 changed files<br> <br>Docker container 44ada60e113a6cecd8b62300437bb8e79fc6a65c6dd2caa754b501f22587f978 has 16 changed files<br> <br>Docker container faa51e572b870e89a0d9479fe6a5cfd39c523a3275b9f630c3507a3ca11d2b86 has 146 changed files<br> <br>Docker container 88854ca93fdc6cbc539fb746f2d461c8253e08d1bbeb68604866d3647168ebe6 has 4 changed files<br> <br>Docker container 30d89bf4c2655b84c7317a553a7cdc3e075e5c432a31df2219a20322d699011e has 13 changed files<br> <br>Docker container 912e39259a6cd8cdba60b8d98c5e34afe989536cc74b3ea9d6319aa772079769 has 18 changed files<br> <br>Docker container a2b2f61453ac89fa859fbb537ce3ee5497e8b2ff7c30635d510acceb8dbb1fc9 has 34 changed files<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416085400" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416085400-container');" onmouseover="this.style.cursor='pointer'">159488 - Docker Installed (Linux)<div id="idp45188416085400-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416085400-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Docker was detected on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A container virtualization suite is installed on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416088472" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.docker.com/" target="_blank">https://www.docker.com/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/04/04, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /bin/docker<br>  Version : 23.0.1<br>  build   : a5ee5b1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416107160" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416107160-container');" onmouseover="this.style.cursor='pointer'">93561 - Docker Service Detection<div id="idp45188416107160-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416107160-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Docker was detected on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The Docker service is running on the remote host. Docker is an open-source project that automates the deployment of applications inside software containers.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416110232" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.docker.com/" target="_blank">https://www.docker.com/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2016/09/16, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">  Version: 23.0.1<br>  Version: 23.0.1<br>  Version: 1.6.19<br>  Version: 1.1.4<br>  Version: 0.19.0<br> <br>The following containers were detected running on the remote Docker host :<br> <br>Name:      /sdn_lcm_web_3.2.1<br>Image:     web<br>Image ID : sha256:0735ad855a20512f4d04c0f7c133fa87b10c83e44f71119611af56ef45cf17ed<br>Tag:       3.2.1<br>ID:        934e0f2e8d4c2f71b4b4134359081e80454b0d6f7ec46a049692c70a5abe2da3<br>Ports:     80/tcp<br>           51370/tcp -&gt; 0.0.0.0:51371<br>           51370/tcp -&gt; :::51371<br>           <br>Name:      /sdn_lcm_server_3.2.1<br>Image:     server<br>Image ID : sha256:a8f19d68bde29ac2e85aeff03ee14f8855cf05d72f7b9161b47a7fce8f8640b5<br>Tag:       3.2.1<br>ID:        d5b3428e030fe7433ce6bfddb3300ee6f0d12690dac45608c67483809eb4a32d<br>Ports:     n/a <br> <br>Name:      /sdn_lcm_mysql_3.2.1<br>Image:     mysql<br>Image ID : sha256:8e85dd5c32558ea5c22cc4786cff512c1940270a50e7dbc21ad2df42f0637de4<br>Tag:       8.0.21<br>ID:        80afa781401ffe6e5a65049e2310c95a08e7c30d10257f57bd87f0ba9f4b81f8<br>Ports:     33060/tcp<br>           3306/tcp<br>           <br>Name:      /sdn_lcm_redis_3.2.1<br>Image:     redis<br>Image ID : sha256:1319b1eaa0b7bcebae63af321fa67559b9517e8494060403d083bb3508fe52c8<br>Tag:       6.0.6<br>ID:        b085cf3fb55a4abe8733c399742b09239ea9a0ace5d6140e67690887dedc1e36<br>Ports:     6379/tcp<br>           <br>Name:      /nice_feynman<br>Image:     dockermi3aka/awvs<br>Image ID : sha256:f9c37706d496b2064fdb3acfe0085c92a570c8ea55377df64f2ce0e84fad45c4<br>Tag:       latest<br>ID:        3a98b4be179d575230e1ee29ad81124f9e9606f18d305da7da6f84ff4fa589ec<br>Ports:     3443/tcp -&gt; 0.0.0.0:3443<br>           3443/tcp -&gt; :::3443<br>           <br>Name:      /arl_scheduler<br>Image:     tophant/arl<br>Image ID : sha256:ecae220d07688b2fcc10170642bdc8fd62ec32cf45cabbc8a1ab1585109b9f8f<br>Tag:       latest<br>ID:        37e59307341c2ae73828ff7826d23852a320f2d1bc033f95eae64c50b29bb38d<br>Ports:     n/a <br> <br>Name:      /arl_worker<br>Image:     tophant/arl<br>Image ID : sha256:ecae220d07688b2fcc10170642bdc8fd62ec32cf45cabbc8a1ab1585109b9f8f<br>Tag:       latest<br>ID:        44ada60e113a6cecd8b62300437bb8e79fc6a65c6dd2caa754b501f22587f978<br>Ports:     n/a <br> <br>Name:      /arl_web<br>Image:     tophant/arl<br>Image ID : sha256:ecae220d07688b2fcc10170642bdc8fd62ec32cf45cabbc8a1ab1585109b9f8f<br>Tag:       latest<br>ID:        faa51e572b870e89a0d9479fe6a5cfd39c523a3275b9f630c3507a3ca11d2b86<br>Ports:     443/tcp -&gt; 0.0.0.0:5003<br>           443/tcp -&gt; :::5003<br>           <br>Name:      /arl_mongodb<br>Image:     mongo<br>Image ID : sha256:e305b5d51c0a0b6aa0161db6becb38c39bd9fbd74effa2eb073d3b3e87dee5e4<br>Tag:       4.0.27<br>ID:        88854ca93fdc6cbc539fb746f2d461c8253e08d1bbeb68604866d3647168ebe6<br>Ports:     27017/tcp<br>           <br>Name:      /arl_rabbitmq<br>Image:     rabbitmq<br>Image ID : sha256:cd80881c4e0e6eaba14aeb00178f28a420393e4d14b71e07cdcc0ff380790f0a<br>Tag:       3.8.19-management-alpine<br>ID:        30d89bf4c2655b84c7317a553a7cdc3e075e5c432a31df2219a20322d699011e<br>Ports:     5671/tcp<br>           4369/tcp<br>           15671/tcp<br>           5672/tcp<br>           15691/tcp<br>           15692/tcp<br>           25672/tcp<br>           15672/tcp<br>           <br>Name:      /kuboard-spray<br>Image:     eipwork/kuboard-spray<br>Image ID : sha256:1f00c0b111160f672ab0c973d13d1cf7a2920e7cb56f84c826b9c24842c2f37b<br>Tag:       latest-amd64<br>ID:        912e39259a6cd8cdba60b8d98c5e34afe989536cc74b3ea9d6319aa772079769<br>Ports:     80/tcp -&gt; 0.0.0.0:80<br>           80/tcp -&gt; :::80<br>           <br>Name:      /spug<br>Image:     registry.aliyuncs.com/openspug/spug<br>Image ID : sha256:a6a4856a9f3b315412ac3d9ea7e682df16928fa715e0c7ad76227f6ab0f0455d<br>Tag:       latest<br>ID:        a2b2f61453ac89fa859fbb537ce3ee5497e8b2ff7c30635d510acceb8dbb1fc9<br>Ports:     80/tcp -&gt; 0.0.0.0:9999<br>           80/tcp -&gt; :::9999<br>           <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416142744" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416142744-container');" onmouseover="this.style.cursor='pointer'">153800 - Elastic Elasticsearch Installed (Linux)<div id="idp45188416142744-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416142744-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Detects Elastic Elasticsearch on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Detects Elastic Elasticsearch on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416145816" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.elastic.co/products/elasticsearch" target="_blank">https://www.elastic.co/products/elasticsearch</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/09/30, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /usr/share/elasticsearch<br>  Version : 7.13.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416151960" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416151960-container');" onmouseover="this.style.cursor='pointer'">25203 - Enumerate IPv4 Interfaces via SSH<div id="idp45188416151960-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416151960-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate the IPv4 interfaces on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate the network interfaces configured with IPv4 addresses by connecting to the remote host via SSH using the supplied credentials.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Disable any unused IPv4 interfaces.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/11, Modified: 2022/02/23<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following IPv4 addresses are set on the remote host :<br> <br> - 172.19.0.1 (on interface br-09ce6d42da0f)<br> - 172.20.0.1 (on interface br-5558a1a20473)<br> - 172.18.0.1 (on interface br-d37da95ee17c)<br> - 172.17.0.1 (on interface docker0)<br> - 172.16.187.220 (on interface ens192)<br> - 127.0.0.1 (on interface lo)<br> - 192.168.122.1 (on interface virbr0)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416177688" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416177688-container');" onmouseover="this.style.cursor='pointer'">25202 - Enumerate IPv6 Interfaces via SSH<div id="idp45188416177688-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416177688-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate the IPv6 interfaces on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate the network interfaces configured with IPv6 addresses by connecting to the remote host via SSH using the supplied credentials.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Disable IPv6 if you are not actually using it. Otherwise, disable any unused IPv6 interfaces.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/11, Modified: 2022/02/23<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following IPv6 interfaces are set on the remote host :<br> <br> - fe80::42:6dff:fe1a:6186 (on interface br-09ce6d42da0f)<br> - fe80::42:f3ff:fea7:8b29 (on interface br-5558a1a20473)<br> - fe80::42:3eff:fe74:96f5 (on interface br-d37da95ee17c)<br> - fe80::42:f6ff:fe95:f7e4 (on interface docker0)<br> - fe80::31cc:24e3:f2:7bfc (on interface ens192)<br> - ::1 (on interface lo)<br> - fe80::2898:9cff:fe35:ed63 (on interface veth211bc11)<br> - fe80::ecce:73ff:fec5:5a2c (on interface veth31c547b)<br> - fe80::702e:bbff:fef4:eb27 (on interface veth3e11f95)<br> - fe80::cc94:efff:fe3c:8f6b (on interface veth51b5afe)<br> - fe80::e0b5:1dff:fe83:eb43 (on interface veth56a7478)<br> - fe80::6051:c6ff:fe0c:15d7 (on interface veth5aa009d)<br> - fe80::5468:a9ff:fe0e:23b3 (on interface veth6fdc7bf)<br> - fe80::d81a:56ff:fe6d:a1f0 (on interface veth7928bf9)<br> - fe80::e8f3:50ff:fe31:599b (on interface veth7a16f7f)<br> - fe80::183b:2aff:fede:371e (on interface vetha08329d)<br> - fe80::7c86:a3ff:fec1:369a (on interface vethc6b3d07)<br> - fe80::12:57ff:fe39:16fd (on interface vethf7dfdaf)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416193944" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416193944-container');" onmouseover="this.style.cursor='pointer'">33276 - Enumerate MAC Addresses via SSH<div id="idp45188416193944-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416193944-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate MAC addresses on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate MAC addresses by connecting to the remote host via SSH with the supplied credentials.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Disable any unused interfaces.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/06/30, Modified: 2022/12/20<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following MAC addresses exist on the remote host :<br> <br>  - 72:2e:bb:f4:eb:27 (interface veth3e11f95)<br>  - e2:b5:1d:83:eb:43 (interface veth56a7478)<br>  - da:1a:56:6d:a1:f0 (interface veth7928bf9)<br>  - 02:12:57:39:16:fd (interface vethf7dfdaf)<br>  - 02:42:6d:1a:61:86 (interface br-09ce6d42da0f)<br>  - ee:ce:73:c5:5a:2c (interface veth31c547b)<br>  - 02:42:3e:74:96:f5 (interface br-d37da95ee17c)<br>  - ce:94:ef:3c:8f:6b (interface veth51b5afe)<br>  - ea:f3:50:31:59:9b (interface veth7a16f7f)<br>  - 00:50:56:9b:47:a6 (interface ens192)<br>  - 56:68:a9:0e:23:b3 (interface veth6fdc7bf)<br>  - 62:51:c6:0c:15:d7 (interface veth5aa009d)<br>  - 52:54:00:cc:ff:f6 (interfaces virbr0 &amp; virbr0-nic)<br>  - 02:42:f6:95:f7:e4 (interface docker0)<br>  - 2a:98:9c:35:ed:63 (interface veth211bc11)<br>  - 1a:3b:2a:de:37:1e (interface vetha08329d)<br>  - 7e:86:a3:c1:36:9a (interface vethc6b3d07)<br>  - 02:42:f3:a7:8b:29 (interface br-5558a1a20473)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416206232" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416206232-container');" onmouseover="this.style.cursor='pointer'">170170 - Enumerate the Network Interaface configuration via SSH<div id="idp45188416206232-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416206232-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to parse the Network Interface data on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to parse the Network Interface data on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/01/19, Modified: 2023/07/18<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">vetha08329d:<br>  MAC : 1a:3b:2a:de:37:1e<br>  IPv6:<br>    - Address : fe80::183b:2aff:fede:371e<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth7a16f7f:<br>  MAC : ea:f3:50:31:59:9b<br>  IPv6:<br>    - Address : fe80::e8f3:50ff:fe31:599b<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth5aa009d:<br>  MAC : 62:51:c6:0c:15:d7<br>  IPv6:<br>    - Address : fe80::6051:c6ff:fe0c:15d7<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth56a7478:<br>  MAC : e2:b5:1d:83:eb:43<br>  IPv6:<br>    - Address : fe80::e0b5:1dff:fe83:eb43<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>br-d37da95ee17c:<br>  MAC : 02:42:3e:74:96:f5<br>  IPv4:<br>    - Address : 172.18.0.1<br>        Netmask : 255.255.0.0<br>        Broadcast : 172.18.255.255<br>  IPv6:<br>    - Address : fe80::42:3eff:fe74:96f5<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>br-09ce6d42da0f:<br>  MAC : 02:42:6d:1a:61:86<br>  IPv4:<br>    - Address : 172.19.0.1<br>        Netmask : 255.255.0.0<br>        Broadcast : 172.19.255.255<br>  IPv6:<br>    - Address : fe80::42:6dff:fe1a:6186<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth211bc11:<br>  MAC : 2a:98:9c:35:ed:63<br>  IPv6:<br>    - Address : fe80::2898:9cff:fe35:ed63<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>virbr0:<br>  MAC : 52:54:00:cc:ff:f6<br>  IPv4:<br>    - Address : 192.168.122.1<br>        Netmask : 255.255.255.0<br>        Broadcast : 192.168.122.255<br>veth3e11f95:<br>  MAC : 72:2e:bb:f4:eb:27<br>  IPv6:<br>    - Address : fe80::702e:bbff:fef4:eb27<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>ens192:<br>  MAC : 00:50:56:9b:47:a6<br>  IPv4:<br>    - Address : 172.16.187.220<br>        Netmask : 255.255.255.0<br>        Broadcast : 172.16.187.255<br>  IPv6:<br>    - Address : fe80::31cc:24e3:f2:7bfc<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>vethc6b3d07:<br>  MAC : 7e:86:a3:c1:36:9a<br>  IPv6:<br>    - Address : fe80::7c86:a3ff:fec1:369a<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth7928bf9:<br>  MAC : da:1a:56:6d:a1:f0<br>  IPv6:<br>    - Address : fe80::d81a:56ff:fe6d:a1f0<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth6fdc7bf:<br>  MAC : 56:68:a9:0e:23:b3<br>  IPv6:<br>    - Address : fe80::5468:a9ff:fe0e:23b3<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>br-5558a1a20473:<br>  MAC : 02:42:f3:a7:8b:29<br>  IPv4:<br>    - Address : 172.20.0.1<br>        Netmask : 255.255.0.0<br>        Broadcast : 172.20.255.255<br>  IPv6:<br>    - Address : fe80::42:f3ff:fea7:8b29<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>virbr0-nic:<br>  MAC : 52:54:00:cc:ff:f6<br>vethf7dfdaf:<br>  MAC : 02:12:57:39:16:fd<br>  IPv6:<br>    - Address : fe80::12:57ff:fe39:16fd<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth31c547b:<br>  MAC : ee:ce:73:c5:5a:2c<br>  IPv6:<br>    - Address : fe80::ecce:73ff:fec5:5a2c<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>veth51b5afe:<br>  MAC : ce:94:ef:3c:8f:6b<br>  IPv6:<br>    - Address : fe80::cc94:efff:fe3c:8f6b<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>docker0:<br>  MAC : 02:42:f6:95:f7:e4<br>  IPv4:<br>    - Address : 172.17.0.1<br>        Netmask : 255.255.0.0<br>        Broadcast : 172.17.255.255<br>  IPv6:<br>    - Address : fe80::42:f6ff:fe95:f7e4<br>        Prefixlen : 64<br>        Scope : link<br>        ScopeID : 0x20<br>lo:<br>  IPv4:<br>    - Address : 127.0.0.1<br>        Netmask : 255.0.0.0<br>  IPv6:<br>    - Address : ::1<br>        Prefixlen : 128<br>        Scope : host<br>        ScopeID : 0x10<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416269336" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416269336-container');" onmouseover="this.style.cursor='pointer'">179200 - Enumerate the Network Routing configuration via SSH<div id="idp45188416269336-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416269336-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to retrieve network routing information from the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to retrieve network routing information the remote host.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/02, Modified: 2023/08/02<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Gateway Routes:<br>  ens192:<br>    ipv4_gateways:<br>      172.16.187.1:<br>        subnets:<br>         - 0.0.0.0/0<br>Interface Routes:<br>  br-09ce6d42da0f:<br>    ipv4_subnets:<br>     - 172.19.0.0/16<br>    ipv6_subnets:<br>     - fe80::/64<br>  br-5558a1a20473:<br>    ipv4_subnets:<br>     - 172.20.0.0/16<br>    ipv6_subnets:<br>     - fe80::/64<br>  br-d37da95ee17c:<br>    ipv4_subnets:<br>     - 172.18.0.0/16<br>    ipv6_subnets:<br>     - fe80::/64<br>  docker0:<br>    ipv4_subnets:<br>     - 172.17.0.0/16<br>    ipv6_subnets:<br>     - fe80::/64<br>  ens192:<br>    ipv4_subnets:<br>     - 172.16.187.0/24<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth211bc11:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth31c547b:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth3e11f95:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth51b5afe:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth56a7478:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth5aa009d:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth6fdc7bf:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth7928bf9:<br>    ipv6_subnets:<br>     - fe80::/64<br>  veth7a16f7f:<br>    ipv6_subnets:<br>     - fe80::/64<br>  vetha08329d:<br>    ipv6_subnets:<br>     - fe80::/64<br>  vethc6b3d07:<br>    ipv6_subnets:<br>     - fe80::/64<br>  vethf7dfdaf:<br>    ipv6_subnets:<br>     - fe80::/64<br>  virbr0:<br>    ipv4_subnets:<br>     - 192.168.122.0/24<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416298392" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416298392-container');" onmouseover="this.style.cursor='pointer'">168980 - Enumerate the PATH Variables<div id="idp45188416298392-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416298392-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enumerates the PATH variable of the current scan user.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enumerates the PATH variables of the current scan user.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Ensure that directories listed here are in line with corporate policy.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/12/21, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Nessus has enumerated the path of the current scan user : <br> <br>/usr/local/sbin<br>/usr/local/bin<br>/sbin<br>/bin<br>/usr/sbin<br>/usr/bin<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416307480" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416307480-container');" onmouseover="this.style.cursor='pointer'">35716 - Ethernet Card Manufacturer Detection<div id="idp45188416307480-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416307480-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The manufacturer can be identified from the Ethernet OUI.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416310680" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://standards.ieee.org/faqs/regauth.html" target="_blank">https://standards.ieee.org/faqs/regauth.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?794673b4" target="_blank">http://www.nessus.org/u?794673b4</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2009/02/19, Modified: 2020/05/13<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following card manufacturers were identified :<br> <br>00:50:56:9B:47:A6 : VMware, Inc.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188416317848" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416317848-container');" onmouseover="this.style.cursor='pointer'">86420 - Ethernet MAC Addresses<div id="idp45188416317848-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416317848-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin gathers MAC addresses from various sources and consolidates them into a list.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin gathers MAC addresses discovered from both remote probing of the host (e.g. SNMP and Netbios) and from running local checks (e.g. ifconfig). It then consolidates the MAC addresses into a single, unique, and uniform list.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2015/10/16, Modified: 2020/05/13<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The following is a consolidated list of detected MAC addresses:<br>  - 72:2E:BB:F4:EB:27<br>  - E2:B5:1D:83:EB:43<br>  - DA:1A:56:6D:A1:F0<br>  - 02:12:57:39:16:FD<br>  - 02:42:6D:1A:61:86<br>  - EE:CE:73:C5:5A:2C<br>  - 02:42:3E:74:96:F5<br>  - CE:94:EF:3C:8F:6B<br>  - EA:F3:50:31:59:9B<br>  - 00:50:56:9B:47:A6<br>  - 56:68:A9:0E:23:B3<br>  - 62:51:C6:0C:15:D7<br>  - 02:42:F6:95:F7:E4<br>  - 2A:98:9C:35:ED:63<br>  - 1A:3B:2A:DE:37:1E<br>  - 7E:86:A3:C1:36:9A<br>  - 02:42:F3:A7:8B:29<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416341656" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416341656-container');" onmouseover="this.style.cursor='pointer'">168982 - Filepaths contain Dangerous characters (Linux)<div id="idp45188416341656-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416341656-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This Tenable product detected files or paths on the scanned Unix-like system which contain characters with command injection or privilege escalation potential.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This Tenable product detected files or paths on the scanned Unix-like system which contain characters with command injection or privilege escalation potential. Although almost any character is valid for an entry in this kind of filesystem, such as semicolons, use of some of them may lead to problems or security compromise when used in further commands.<br> <br>This product has chosen in certain plugins to avoid digging within those files and directories for security reasons.<br>These should be renamed to avoid security compromise.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Rename these files or folders to not include dangerous characters.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/12/21, Modified: 2022/12/21<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The following files and directories contain potentially dangerous characters such as brackets, ampersand, or semicolon.<br>This scanner avoided access to these files when possible for safety:<br> <br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/access-modifier-annotation-1.30.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/annotation-indexer-1.17.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/ant-1.10.12.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/ant-launcher-1.10.12.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/antlr4-runtime-4.11.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/args4j-2.33.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/asm-9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/asm-analysis-9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/asm-commons-9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/asm-tree-9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/asm-util-9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/bridge-method-annotation-1.25.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/cli-2.387.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-beanutils-1.9.4.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-codec-1.15.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-collections-3.2.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-compress-1.22.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-discovery-0.5.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-fileupload-1.5.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-io-2.11.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-jelly-1.1-jenkins-20220630.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-jelly-tags-define-1.0.1-hudson-20071021.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-jelly-tags-fmt-1.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-jelly-tags-xml-1.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-jexl-1.1-jenkins-20111212.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/commons-lang-2.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/crypto-util-1.8.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/dom4j-2.1.3.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/embedded_su4j-1.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/ezmorph-1.0.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/failureaccess-1.0.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/groovy-all-2.4.21.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/guava-31.1-jre.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/guice-5.1.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/j-interop-2.0.8-kohsuke-1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/j-interopdeps-2.0.8-kohsuke-1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jakarta.annotation-api-2.1.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jakarta.servlet.jsp.jstl-api-1.2.7.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jansi-1.11.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/javax.annotation-api-1.3.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/javax.inject-1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jaxen-2.0.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jbcrypt-1.0.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jcifs-1.3.18-kohsuke-1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jcip-annotations-1.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jcl-over-slf4j-2.0.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jcommon-1.0.23.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jenkins-core-2.387.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jenkins-stapler-support-1.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jfreechart-1.0.19.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jline-2.14.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jna-5.12.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/json-lib-2.4-jenkins-3.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/jzlib-1.1.3-kohsuke-1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/kxml2-2.3.0.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/localizer-1.31.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/log4j-over-slf4j-2.0.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/memory-monitor-1.12.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/metainf-services-1.9.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/mxparser-1.2.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/relaxngDatatype-20020414.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/remoting-3107.v665000b_51092.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/robust-http-client-1.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/sezpoz-1.13.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/slf4j-api-2.0.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/slf4j-jdk14-2.0.6.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spotbugs-annotations-4.7.3.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-aop-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-beans-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-context-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-core-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-expression-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-security-core-5.8.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-security-crypto-5.8.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-security-web-5.8.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/spring-web-5.3.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/stapler-1756.1758.v13fcdc2c8c34.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/stapler-adjunct-codemirror-1.3.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/stapler-adjunct-timeline-1.5.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/stapler-groovy-1756.1758.v13fcdc2c8c34.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/stapler-jelly-1756.1758.v13fcdc2c8c34.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/symbol-annotation-1.24.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/task-reactor-1.8.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/tiger-types-2.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/txw2-20110809.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/version-number-1.11.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/websocket-jetty10-2.387.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/websocket-jetty9-2.387.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/websocket-spi-2.387.1.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/windows-package-checker-1.2.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/winp-1.30.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/xpp3-1.1.4c.jar<br>/var/lib/jenkins/%C/jenkins/war/WEB-INF/lib/xstream-1.4.20.jar<br>/var/lib/jenkins/%C/jenkins/war/executable/winstone.jar<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416378776" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416378776-container');" onmouseover="this.style.cursor='pointer'">84502 - HSTS Missing From HTTPS Server<div id="idp45188416378776-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416378776-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server is not enforcing HSTS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416381848" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc6797" target="_blank">https://tools.ietf.org/html/rfc6797</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Configure the remote web server to use HSTS.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2015/07/02, Modified: 2021/05/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  The remote HTTPS server does not send the HTTP<br>  "Strict-Transport-Security" header.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416392216" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416392216-container');" onmouseover="this.style.cursor='pointer'">10107 - HTTP Server Type and Version<div id="idp45188416392216-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416392216-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A web server is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin attempts to determine the type and the version of the   remote web server.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188416397336" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0931</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/01/04, Modified: 2020/10/30<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote web server type is :<br> <br>nginx/1.20.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416401944" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416401944-container');" onmouseover="this.style.cursor='pointer'">10107 - HTTP Server Type and Version<div id="idp45188416401944-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416401944-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A web server is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin attempts to determine the type and the version of the   remote web server.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188416407064" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0931</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/01/04, Modified: 2020/10/30<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote web server type is :<br> <br>NessusWWW<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416411672" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416411672-container');" onmouseover="this.style.cursor='pointer'">10107 - HTTP Server Type and Version<div id="idp45188416411672-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416411672-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A web server is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin attempts to determine the type and the version of the   remote web server.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188416429080" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0931</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/01/04, Modified: 2020/10/30<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote web server type is :<br> <br>nginx<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416433688" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416433688-container');" onmouseover="this.style.cursor='pointer'">10107 - HTTP Server Type and Version<div id="idp45188416433688-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416433688-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A web server is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin attempts to determine the type and the version of the   remote web server.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188416442904" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0931</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/01/04, Modified: 2020/10/30<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote web server type is :<br> <br>nginx/1.19.9<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416451608" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416451608-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188416451608-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416451608-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/80/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : no<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Content-Type: text/html; charset=utf-8<br>  Date: Mon, 18 Sep 2023 03:19:38 GMT<br>  Connection: close<br>  Transfer-Encoding: chunked<br>  <br>Response Body :<br> <br>&lt;!DOCTYPE html&gt;&lt;html lang="" style="height: 100%;"&gt;&lt;head&gt;&lt;meta charset="utf-8"&gt;&lt;meta http-equiv="X-UA-Compatible" content="IE=edge"&gt;&lt;meta name="viewport" content="width=device-width,initial-scale=1"&gt;&lt;link rel="icon" href=""&gt;&lt;title&gt;Kuboard Spray&lt;/title&gt;&lt;script async src="https://www.googletagmanager.com/gtag/js?id=G-0D2X8HMY8R"&gt;&lt;/script&gt;&lt;script&gt;window.dataLayer = window.dataLayer || [];<br>      function gtag(){dataLayer.push(arguments);}<br>      gtag('js', new Date());<br> <br>      gtag('config', 'G-0D2X8HMY8R');&lt;/script&gt;&lt;link href="js/chunk-01184a3c.652d1654.js" rel="prefetch"&gt;&lt;link href="js/chunk-0425021c.e87e36b7.js" rel="prefetch"&gt;&lt;link href="js/chunk-056a6a93.04cee92a.js" rel="prefetch"&gt;&lt;link href="js/chunk-19c689cb.6e9f0fb5.js" rel="prefetch"&gt;&lt;link href="js/chunk-27164e48.ee6080b5.js" rel="prefetch"&gt;&lt;link href="js/chunk-2bab7783.e041652f.js" rel="prefetch"&gt;&lt;link href="js/chunk-37d53f16.c4750794.js" rel="prefetch"&gt;&lt;link href="js/chunk-42b5e2ba.f772af6c.js" rel="prefetch"&gt;&lt;link href="js/chunk-4f5b5865.f2a14d16.js" rel="prefetch"&gt;&lt;link href="js/chunk-656cae06.59b8fb0e.js" rel="prefetch"&gt;&lt;link href="js/chunk-76135b5a.55022219.js" rel="prefetch"&gt;&lt;link href="js/chunk-84adaee6.77bf7285.js" rel="prefetch"&gt;&lt;link href="js/chunk-8fd85f82.0c58dcf9.js" rel="prefetch"&gt;&lt;link href="js/chunk-c368485c.e13c205d.js" rel="prefetch"&gt;&lt;link href="js/chunk-c3acdbc8.48469b86.js" rel="prefetch"&gt;&lt;link href="js/chunk-dda1ebdc.b5484010.js" rel="prefetch"&gt;&lt;link href="js/chunk-e9b7cc84.8fc2561b.js" rel="prefetch"&gt;&lt;link href="js/chunk-fd14556c.24c88bd6.js" rel="prefetch"&gt;&lt;link href="js/app.03e7c389.js" rel="preload" as="script"&gt;&lt;link href="js/chunk-vendors.9d7dd03d.js" rel="preload" as="script"&gt;&lt;/head&gt;&lt;body style="height: 100%; margin: 0;"&gt;&lt;noscript&gt;&lt;strong&gt;We're sorry but Kuboard Spray doesn't work properly without JavaScript enabled. Please enable it to continue.&lt;/strong&gt;&lt;/noscript&gt;&lt;div id="app"&gt;&lt;/div&gt;&lt;script src="js/chunk-vendors.9d7dd03d.js"&gt;&lt;/script&gt;&lt;script src="js/app.03e7c389.js"&gt;&lt;/script&gt;&lt;/body&gt;&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416464408" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416464408-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188416464408-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416464408-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : yes<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Content-Type: text/html; charset=utf8<br>  Date: Mon, 18 Sep 2023 03:19:39 GMT<br>  Last-Modified: Mon, 25 Apr 2022 09:37:00 GMT<br>  X-Frame-Options: SAMEORIGIN<br>  X-Content-Type-Options: nosniff<br>  Strict-Transport-Security: max-age=31536000; includeSubdomains<br>  Content-Length: 3643<br>  <br>Response Body :<br> <br>&lt;!doctype html&gt;<br>&lt;html lang="en"&gt;<br>&lt;head&gt;<br>  &lt;meta charset="utf-8"&gt;<br>  &lt;title&gt;Acunetix&lt;/title&gt;<br>  &lt;base href="/"&gt;<br> <br>  &lt;meta name="viewport" content="width=device-width, initial-scale=1"&gt;<br>  &lt;link rel="icon" type="image/svg+xml" href="favicon.svg"&gt;<br>  &lt;script&gt;<br>    var global = global || window;<br>    // var Buffer = Buffer || [];<br>    // var process = process || {<br>    //   env: { DEBUG: undefined },<br>    //   version: []<br>    // };<br>  &lt;/script&gt;<br>  &lt;script&gt;<br>    (function (apiKey) {<br>      (function (p, e, n, d, o) {<br>        var v, w, x, y, z;<br>        o = p[d] = p[d] || {};<br>        o._q = [];<br>        v = ['initialize', 'identify', 'updateOptions', 'pageLoad'];<br>        for (w = 0, x = v.length; w &lt; x; ++w) (function (m) {<br>          o[m] = o[m] || function () {<br>            o._q[m === v[0] ? 'unshift' : 'push']([m].concat([].slice.call(arguments, 0)));<br>          };<br>        })(v[w]);<br>        y = e.createElement(n);<br>        y.async = !0;<br>        y.src = 'https://cdn.pendo.io/agent/static/' + apiKey + '/pendo.js';<br>        z = e.getElementsByTagName(n)[0];<br>        z.parentNode.insertBefore(y, z);<br>      })(window, document, 'script', 'pendo');<br>    })('c3c5895e-585b-4bd7-4e19-6f51bab34f7a');<br>  &lt;/script&gt;<br> <br>&lt;link rel="stylesheet" href="styles.b2c1abe46e3aff2b0897.css"&gt;&lt;/head&gt;<br>&lt;body&gt;<br>&lt;script&gt;<br> <br>  var isOldBrowser = false;<br>  if ((<br>      (navigator.userAgent.indexOf('Trident') !== -1) || (navigator.userAgent.indexOf('Edge') !== -1))<br>    &amp;&amp; sessionStorage.getItem('old_browser_allowed') !== 'yes') {<br> <br>    isOldBrowser = true;<br> <br>    var logo = document.createElement('img');<br>    var warnDiv = document.createElement('div');<br>    var continueButton = document.createElement('button')<br>    continueButton.innerText = 'Continue (not recommended/supported)';<br>    continueButton.style.height = 'auto';<br>    continueButton.style.padding = '15px';<br> <br>    continueButton.addEventListener('click', function () {<br>      sessionStorage.setItem('old_browser_allowed', 'yes');<br>      window.location.reload();<br>    })<br> <br>    continueButton.onmousemove = function () {<br>      this.style.backgroundColor = "#BB3210";<br>      this.style.color = "#FFFFFF";<br>    };<br>    continueButton.onmouseout = function () {<br>      this.style.backgroundColor = "";<br>      this.style.color = "";<br>    };<br> <br>    logo.src = 'assets/images/invicti-acunetix-logo.svg';<br>    logo.style.width = '150px';<br>    if (navigator.userAgent.indexOf('Trident') !== -1) {<br>      warnDiv.innerHTML = 'Internet Explorer is not supported. Please use a different browser.';<br>    } else if (navigator.userAgent.indexOf('Edge') !== -1) {<br>      warnDiv.innerHTML = 'This version of Microsoft Edge is not supported. Please use the latest (Chromium) version of Edge or a different browser.';<br>    }<br> <br>    document.body.appendChild(logo);<br>    document.body.appendChild(warnDiv);<br>    document.body.appendChild(document.createElement('br'));<br>    document.body.appendChild(continueButton);<br> <br> <br>    document.body.style.background = "white";<br>    document.body.style.paddingLeft = "50px";<br>    document.body.style.paddingTop = "50px";<br>  }<br>&lt;/script&gt;<br>&lt;acx-root id="app-root"&gt;&lt;/acx-root&gt;<br>&lt;script&gt;<br> <br>  if(isOldBrowser)<br>  {<br>    document.getElementById('app-root').remove();<br>  }<br> <br>&lt;/script&gt;<br> <br> <br>&lt;script src="runtime-es2015.c8b4f8b9f34e10f3b2cc.js" type="module"&gt;&lt;/script&gt;&lt;script src="runtime-es5.c8b4f8b9f34e10f3b2cc.js" nomodule defer&gt;&lt;/script&gt;&lt;script src="polyfills-es5.fedbc22175096d5e7763.js" nomodule defer&gt;&lt;/script&gt;&lt;script src="polyfills-es2015.1dfcca7840949e58c787.js" type="module"&gt;&lt;/script&gt;&lt;script src="main-es2015.f13989217910576d338f.js" type="module"&gt;&lt;/script&gt;&lt;script src="main-es5.f13989217910576d338f.js" nomodule defer&gt;&lt;/script&gt;&lt;/body&gt;<br>&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416744472" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416744472-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188416744472-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416744472-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : yes<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Server: nginx/1.20.1<br>  Date: Mon, 18 Sep 2023 03:19:38 GMT<br>  Content-Type: text/html<br>  Content-Length: 2305<br>  Last-Modified: Thu, 18 May 2023 02:33:54 GMT<br>  Connection: keep-alive<br>  ETag: "64658e92-901"<br>  Strict-Transport-Security: max-age=63072000<br>  Accept-Ranges: bytes<br>  <br>Response Body :<br> <br>&lt;!DOCTYPE html&gt;&lt;html lang=en&gt;&lt;head&gt;&lt;meta charset=utf-8&gt;&lt;meta http-equiv=X-UA-Compatible content="IE=edge"&gt;&lt;meta name=referrer content=never&gt;&lt;meta name=viewport content="width=device-width,initial-scale=1"&gt;&lt;meta name=description content="旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。"&gt;&lt;title&gt;资产灯塔系统&lt;/title&gt;&lt;link href=/css/npm.ant-design-vue~ac50015d.5698995a.css rel=stylesheet&gt;&lt;link href=/css/npm.ant-design-vue~5f8813c1.680b71d4.css rel=stylesheet&gt;&lt;link href=/css/npm.ant-design-vue~4acf2f4a.ab870312.css rel=stylesheet&gt;&lt;link href=/css/npm.ant-design-vue~9a6beb85.3a1e913e.css rel=stylesheet&gt;&lt;link href=/css/npm.ant-design-vue~731d2fff.1b7a0c24.css rel=stylesheet&gt;&lt;link href=/css/npm.ant-design-vue~301ae65c.698f9410.css rel=stylesheet&gt;&lt;link href=/css/app~d0ae3f07.7b8ababe.css rel=stylesheet&gt;&lt;/head&gt;&lt;body&gt;&lt;noscript&gt;&lt;strong&gt;We're sorry but 资产灯塔系统 doesn't work properly without JavaScript enabled. Please enable it to continue.&lt;/strong&gt;&lt;/noscript&gt;&lt;div id=app&gt;&lt;/div&gt;&lt;script src=/js/runtime.a17de16b.js&gt;&lt;/script&gt;&lt;script src=/js/npm.core-js~987e6011.b6479e3d.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~ac50015d.7c330d84.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~5f8813c1.d2140e0d.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~4acf2f4a.d775f7f3.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~9a6beb85.01c84af1.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~731d2fff.3c247f2e.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~301ae65c.74d1b758.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~1a7f21e9.8e943d65.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~f99c446b.e6b72f64.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~33d5c1c7.34a1fc3f.js&gt;&lt;/script&gt;&lt;script src=/js/npm.ant-design-vue~85ffde94.a113f60f.js&gt;&lt;/script&gt;&lt;script src=/js/npm.lodash~2930ad93.0f50f20d.js&gt;&lt;/script&gt;&lt;script src=/js/npm.moment~0a56fd24.02de3ecf.js&gt;&lt;/script&gt;&lt;script src=/js/npm.vue~daa565d3.f8374a41.js&gt;&lt;/script&gt;&lt;script src=/js/vendors~app~253ae210.6ccf677e.js&gt;&lt;/script&gt;&lt;script src=/js/vendors~app~d939e436.211f1ac1.js&gt;&lt;/script&gt;&lt;script src=/js/vendors~app~678f84af.200eda30.js&gt;&lt;/script&gt;&lt;script src=/js/app~d0ae3f07.dcc54c0e.js&gt;&lt;/script&gt;&lt;/body&gt;&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416757528" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416757528-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188416757528-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416757528-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : yes<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Cache-Control: must-revalidate<br>  X-Frame-Options: DENY<br>  Content-Type: text/html<br>  ETag: f49c5268bdb3c95b45f4a9dca6a4dd79<br>  Connection: close<br>  X-XSS-Protection: 1; mode=block<br>  Server: NessusWWW<br>  Date: Mon, 18 Sep 2023 03:19:38 GMT<br>  X-Content-Type-Options: nosniff<br>  Content-Length: 1138<br>  Content-Security-Policy: upgrade-insecure-requests; block-all-mixed-content; form-action 'self'; frame-ancestors 'none'; frame-src https://store.tenable.com; default-src 'self'; connect-src 'self'; script-src 'self'; img-src 'self' data:; style-src 'self'; object-src 'none'; base-uri 'self';<br>  Strict-Transport-Security: max-age=31536000<br>  Expect-CT: max-age=0<br>  <br>Response Body :<br> <br>&lt;!doctype html&gt;<br>&lt;html lang="en"&gt;<br>    &lt;head&gt;<br>        &lt;meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /&gt;<br>        &lt;meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests; block-all-mixed-content; form-action 'self'; frame-src https://store.tenable.com; default-src 'self'; connect-src 'self'; script-src 'self'; img-src 'self' data:; style-src 'self'; object-src 'none'; base-uri 'self';" /&gt;<br>        &lt;meta name="viewport" content="width=device-width, initial-scale=1"&gt;<br>        &lt;meta charset="utf-8" /&gt;<br>        &lt;title&gt;Nessus&lt;/title&gt;<br>        &lt;link rel="stylesheet" href="nessus6.css?v=1648489990541" id="theme-link" /&gt;<br>        &lt;link rel="stylesheet" href="tenable_links.css?v=ac05d80f1e3731b79d12103cdf9367fc" /&gt;<br>        &lt;link rel="stylesheet" href="wizard_templates.css?v=e2f0b2cfab1e424d7108e4f0c48cb710" /&gt;<br>        &lt;!--[if lt IE 11]&gt;<br>            &lt;script&gt;<br>                window.location = '/unsupported6.html';<br>            &lt;/script&gt;<br>        &lt;![endif]--&gt;<br>        &lt;script src="nessus6.js?v=1648489990541"&gt;&lt;/script&gt;<br>        &lt;script src="pendo-client.js"&gt;&lt;/script&gt;<br>    &lt;/head&gt;<br>    &lt;body&gt;<br>    &lt;/body&gt;<br>&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416797464" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416797464-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188416797464-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416797464-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : yes<br>Keep-Alive : no<br>Headers :<br> <br>  Content-Type: text/html<br>  Content-Security-Policy: connect-src 'self' https://172.16.187.220:9090 wss://172.16.187.220:9090; form-action 'self' https://172.16.187.220:9090; base-uri 'self' https://172.16.187.220:9090; object-src 'none'; font-src 'self' https://172.16.187.220:9090 data:; img-src 'self' https://172.16.187.220:9090 data:; block-all-mixed-content; default-src 'self' https://172.16.187.220:9090 'unsafe-inline'<br>  Set-Cookie: cockpit=deleted; PATH=/; Secure; HttpOnly<br>  Transfer-Encoding: chunked<br>  Cache-Control: no-cache, no-store<br>  Connection: close<br>  X-DNS-Prefetch-Control: off<br>  Referrer-Policy: no-referrer<br>  X-Content-Type-Options: nosniff<br>  <br>Response Body :<br> <br>&lt;!DOCTYPE html&gt;<br>&lt;html&gt;<br>  &lt;head&gt;<br>    &lt;title&gt;Loading...&lt;/title&gt;<br>    &lt;meta http-equiv="Content-Type" content="text/html; charset=utf-8"&gt;<br>    &lt;meta name="viewport" content="width=device-width, initial-scale=1.0"&gt;<br>    &lt;meta name="robots" content="noindex"&gt;<br>    &lt;meta insert_dynamic_content_here&gt;&lt;script&gt;<br>(function (root, data) {<br>    window.cockpit_po = data;<br>/* The syntax of this line is important for po2json */<br>}(this, {"":{"language":"en"}}));<br>&lt;/script&gt;<br>&lt;base href="/"&gt;<br>    &lt;script&gt;<br>var environment = {"page":{"connect":false,"require_host":false},"hostname":"kubespray","os-release":{"NAME":"CentOS Linux","ID":"centos","PRETTY_NAME":"CentOS Linux 7 (Core)","CPE_NAME":"cpe:/o:centos:centos:7","ID_LIKE":"rhel fedora"}};<br>    &lt;/script&gt;<br>    &lt;script&gt;<br>/* global XMLHttpRequest */<br>(function(a) {<br>    var r;<br>    /* Some browsers fail localStorage access due to corruption, preventing Cockpit login */    try {<br>        r = window.localStorage;<br>        window.localStorage.removeItem("url-root");<br>    } catch (e) {<br>        r = window.sessionStorage;<br>        a.warn(String(e));<br>    }<br>    var s;<br>    var l = window.environment || {};<br>    var u = l.OAuth || null;<br>    if (u) {<br>        if (!u.TokenParam) u.TokenParam = "access_token";<br>        if (!u.ErrorParam) u.ErrorParam = "error_description";<br>    }<br>    var t = /\$\{([^}]+)\}|\$([a-zA-Z0-9_]+)/g;<br>    function c(e /* ... */) {<br>        var o = Array.prototype.slice.call(arguments, 1);<br>        return e.replace(t, function(e, t, n) {<br>            return o[t || n] || "";<br>        });<br>    }<br>    function n(e) {<br>        if (window.cockpit_po) {<br>            var t = window.cockpit_po[e];<br>            if (t &amp;&amp; t[1]) return t[1];<br>        }<br>        return e;<br>    }<br>    function i() {<br>        if (!document.querySelectorAll) return;<br>        var e = document.querySelectorAll("[translate]");<br>        for (var t = 0; t &lt; e.length; t++) e[t].textContent = n(e[t].textContent);<br>    }<br>    var d = n;<br>    var f, p, w, v;<br>    var o = /[?&amp;]?([^=]+)=([^&amp;]*)/g;<br>    var g = null;<br>    function y(e) {<br>        e = e.split("+").join(" ");<br>        var t = {};<br>        var n;<br>        for (;;) {<br>            n = o.exec(e);<br>            if (!n) break;<br>            t[decodeURIComponent(n[1])] = decodeURIComponent(n[2]);<br>        }<br>        return t;<br>    }<br>    if (!a) a = function() {};<br>    function m(e) {<br>        return document.getElementById(e);<br>    }<br>    function h(e) {<br>        if (window.console) a.warn("fatal:", e);<br>        m("login-again").style.display = "none";<br>        m("login-wait-validating").style.display = "none";<br>        if (g) {<br>            m("login-again").href = g;<br>            m("login-again").style.display = "block";<br>        }<br>        m("login").style.display = "none";<br>        m("login-details").style.display = "none";<br>        m("login-fatal").style.display = "block";<br>        var t = m("login-fatal-message");<br>        t.textContent = "";<br>        t.appendChild(document.createTextNode(e));<br>    }<br>    function b(e, t) {<br>        var n;<br>        var o = m(e);<br>        if (o &amp;&amp; window.getComputedStyle) n = window.getComputedStyle(o, ":before");<br>        if (!n) return;<br>        var i;<br>        var r = n.content;<br>        if (r &amp;&amp; r != "none" &amp;&amp; r != "normal") {<br>            i = r.length;<br>            if ((r[0] === '"' || r[0] === "'") &amp;&amp; i &gt; 2 &amp;&amp; r[i - 1] === r[0]) r = r.substr(1, i - 2);<br>            o.innerHTML = r || t;<br>        } else {<br>            o.removeAttribute("class");<br>        }<br>    }<br>    function k() {<br>        function o(e) {<br>            if (window.console) a.warn(c(d("This web browser is too old to run Cockpit (missing $0)"), e));<br>            m("login").style.display = "none";<br>            m("login-details").style.display = "none";<br>            m("unsupported-browser").style.display = "block";<br>            document.body.className += " brand-unsupported-browser";<br>        }<br>        function e(t, e) {<br>            var n;<br>            try {<br>                n = e[t];<br>            } catch (e) {<br>                h(c(d("The web browser configuration prevents Cockpit from running (inaccessible $0)"), t));<br>                throw e;<br>            }<br>            if (n === undefined) {<br>                o();<br>                return false;<br>            }<br>            return true;<br>        }<br>        function t() {<br>            /*<br>             * Be certain to use parenthesis when checking CSS strings<br>             * as Edge is oddly particular.<br>             *<br>             * Instead of "display: inline", use:<br>             * "(display: inline)"<br>             *        or<br>             * "display", "inline"<br>             */<br>            var e = [].join.call(arguments, ": ");<br>            if (!window.CSS.supports.apply(this, arguments)) {<br>                h(c(d("The web browser configuration prevents Cockpit from running (inaccessible $0)"), e));<br>                o(e);<br>                return false;<br>            }<br>            return true;<br>        }<br>        return ("MozWebSocket" in window || e("WebSocket", window)) &amp;&amp; e("XMLHttpRequest", window) &amp;&amp; e("sessionStorage", window) &amp;&amp; e("JSON", window) &amp;&amp; e("defineProperty", Object) &amp;&amp; e("console", window) &amp;&amp; e("pushState", window.history) &amp;&amp; e("textContent", document) &amp;&amp; e("CSS", window) &amp;&amp; e("supports", window.CSS) &amp;&amp; t("display", "flex") &amp;&amp; t("display", "grid");<br>    }<br>    function x(e) {<br>        return e.replace(/^\s+|\s+$/g, "");<br>    }<br>    /* Sets values for application, url_root and login_path */    function S(e) {<br>        var t = document.createElement("a");<br>        var n = document.baseURI;<br>        var o;<br>        /* Some IEs don't support baseURI */        if (!n) {<br>            o = document.getElementsByTagName("base");<br>            if (o.length &gt; 0) n = o[0].href; else n = "/";<br>        }<br>        e = e || "/";<br>        t.href = n;<br>        if (t.pathname != "/") {<br>            s = t.pathname.replace(/^\/+|\/+$/g, "");<br>            r.setItem("url-root", s);<br>            if (s &amp;&amp; e.indexOf("/" + s) === 0) e = e.replace("/" + s, "") || "/";<br>        }<br>        if (e.indexOf("/=") === 0) {<br>            l.hostname = e.substring(2);<br>            e = "/cockpit+" + e.split("/")[1];<br>        } else if (e.indexOf("/cockpit/") !== 0 &amp;&amp; e.indexOf("/cockpit+") !== 0) {<br>            e = "/cockpit";<br>        }<br>        p = e.split("/")[1];<br>        f = "/" + p + "/login";<br>        if (s) f = "/" + s + f;<br>        v = p;<br>        w = f;<br>    }<br>    function T(e, t) {<br>        // On keypress, only accept spacebar (enter acts as a click)<br>        if (e &amp;&amp; e.type === "keypress" &amp;&amp; e.key !== " ") return;<br>        // Stop the &lt;a&gt;'s click handler, otherwise it causes a page reload<br>                if (e &amp;&amp; e.type === "click") e.preventDefault();<br>        if (t === undefined) t = m("server-group").style.display === "none";<br>        m("option-group").setAttribute("data-state", t);<br>        if (t) {<br>            m("server-group").style.display = "block";<br>            m("option-caret").setAttribute("class", "caret caret-down");<br>            m("option-caret").setAttribute("className", "caret caret-down");<br>        } else {<br>            m("server-group").style.display = "none";<br>            m("option-caret").setAttribute("class", "caret caret-right");<br>            m("option-caret").setAttribute("className", "caret caret-right");<br>        }<br>    }<br>    function e() {<br>        window.onload = null;<br>        i();<br>        S(window.location.pathname);<br>        /* Determine if we are nested or not, and switch styles */        if (window.location.pathname.indexOf("/" + s + "/cockpit/") === 0 || window.location.pathname.indexOf("/" + s + "/cockpit+") === 0) document.documentElement.setAttribute("class", "inline");<br>        // Setup title<br>                var e = l.page.title;<br>        if (!e || p.indexOf("cockpit+=") === 0) e = l.hostname;<br>        document.title = e;<br>        if (p.indexOf("cockpit+=") === 0) {<br>            m("brand").style.display = "none";<br>            m("badge").style.visibility = "hidden";<br>        } else {<br>            b("badge", "");<br>            b("brand", "Cockpit");<br>        }<br>        if (!k()) return;<br>        m("show-other-login-options").addEventListener("click", T);<br>        m("show-other-login-options").addEventListener("keypress", T);<br>        m("server-clear").addEventListener("click", function() {<br>            var e = m("server-field");<br>            e.value = "";<br>            e.focus();<br>        });<br>        /* Setup the user's last choice about the authorized button */        var t = r.getItem("authorized-default") || "";<br>        if (t.indexOf("password") !== -1) m("authorized-input").checked = true;<br>        var n = l["os-release"];<br>        if (n) r.setItem("os-release", JSON.stringify(n));<br>        var o = window.sessionStorage.getItem("logout-intent") == "explicit";<br>        if (o) window.sessionStorage.removeItem("logout-intent");<br>        /* Try automatic/kerberos authentication? */        if (u) {<br>            m("login-details").style.display = "none";<br>            m("login").style.display = "none";<br>            if (o) {<br>                O();<br>                m("login-again").textContent = d("Login Again");<br>                h(d("Logout Successful"));<br>            } else {<br>                I();<br>            }<br>        } else if (o) {<br>            z();<br>        } else {<br>            C();<br>        }<br>    }<br>    function C() {<br>        var e = new XMLHttpRequest();<br>        e.open("GET", f, true);<br>        e.onreadystatechange = function() {<br>            if (e.readyState == 4) {<br>                if (e.status == 200) {<br>                    j(JSON.parse(e.responseText));<br>                } else if (e.status == 401) {<br>                    z();<br>                } else if (e.statusText) {<br>                    h(decodeURIComponent(e.statusText));<br>                } else if (e.status === 0) {<br>                    z();<br>                } else {<br>                    h(c(d("$0 error"), e.status));<br>                }<br>            }<br>        };<br>        e.send();<br>    }<br>    function O() {<br>        var e = window.location.href.split("#", 2);<br>        g = u.URL;<br>        if (u.URL.indexOf("?") &gt; -1) g += "&amp;"; else g += "?";<br>        g += "redirect_uri=" + encodeURIComponent(e[0]);<br>    }<br>    function I() {<br>        var e = document.createElement("a");<br>        if (!u.URL) return h(d("Cockpit authentication is configured incorrectly."));<br>        var t = y(window.location.search);<br>        if (!window.location.search &amp;&amp; window.location.hash) t = y(window.location.hash.slice(1));<br>        /* Not all providers allow hashes in redirect urls */        var n, o, i;<br>        O();<br>        if (t[u.TokenParam]) {<br>            if (window.sessionStorage.getItem("login-wanted")) {<br>                e.href = window.sessionStorage.getItem("login-wanted");<br>                S(e.pathname);<br>            }<br>            n = t[u.TokenParam];<br>            m("login-wait-validating").style.display = "block";<br>            i = new XMLHttpRequest();<br>            i.open("GET", f, true);<br>            i.setRequestHeader("Authorization", "Bearer " + n);<br>            i.onreadystatechange = function() {<br>                if (i.readyState == 4) {<br>                    if (i.status == 200) {<br>                        j(JSON.parse(i.responseText));<br>                    } else {<br>                        o = $(i.getResponseHeader("WWW-Authenticate"), i.responseText);<br>                        if (o) P(o); else h(decodeURIComponent(i.statusText));<br>                    }<br>                }<br>            };<br>            i.send();<br>        } else if (t[u.ErrorParam]) {<br>            h(t[u.ErrorParam]);<br>        } else {<br>            /* Store url we originally wanted in case we<br>             * had to strip a hash or query params<br>             */<br>            window.sessionStorage.setItem("login-wanted", window.location.href);<br>            window.location = g;<br>        }<br>    }<br>    function E() {<br>        m("error-group").style.display = "none";<br>        m("login-error-message").textContent = "";<br>    }<br>    function L(e, t) {<br>        E();<br>        if (e) {<br>            /* OAuth failures are always fatal */<br>            if (u) {<br>                h(e);<br>            } else {<br>                N(t);<br>                m("login-error-message").textContent = e;<br>                m("error-group").style.display = "block";<br>            }<br>        }<br>    }<br>    function A(e) {<br>        var t = m("server-field").value;<br>        if (!t) {<br>            L(e, false);<br>        } else {<br>            E();<br>            m("login-error-message").textContent = e;<br>            m("error-group").style.display = "block";<br>            T(null, true);<br>            N();<br>        }<br>    }<br>    function R(e) {<br>        var t = m("login-note");<br>        if (e) {<br>            t.style.display = "block";<br>            t.textContent = e;<br>        } else {<br>            t.innerHTML = "&amp;nbsp;";<br>        }<br>    }<br>    function H() {<br>        return l.page.require_host &amp;&amp; v.indexOf("cockpit+=") === -1;<br>    }<br>    function U() {<br>        L(null);<br>        var e;<br>        var t = x(m("login-user-input").value);<br>        if (t === "") {<br>            L(d("User name cannot be empty"));<br>        } else if (H() &amp;&amp; m("server-field").value === "") {<br>            L(d("Please specify the host to connect to"));<br>        } else {<br>            e = m("server-field").value;<br>            if (e) {<br>                p = "cockpit+=" + e;<br>                f = w.replace("/" + v + "/", "/" + p + "/");<br>            } else {<br>                p = v;<br>                f = w;<br>            }<br>            m("server-name").textContent = e || l.hostname;<br>            m("login-button").removeEventListener("click", U);<br>            /* When checked we tell the server to keep authentication */            var n = m("authorized-input").checked ? "password" : "";<br>            var o = m("login-password-input").value;<br>            r.setItem("authorized-default", n);<br>            var i = {<br>                Authorization: "Basic " + window.btoa(q(t + ":" + o)),<br>                "X-Authorize": n<br>            };<br>            // allow unknown remote hosts with interactive logins with "Connect to:"<br>                        if (e) i["X-SSH-Connect-Unknown-Hosts"] = "yes";<br>            J("GET", i, false);<br>        }<br>    }<br>    function N(e) {<br>        var t = l.page.connect;<br>        var n = m("option-group").getAttribute("data-state");<br>        m("login-wait-validating").style.display = "none";<br>        m("login").style.visibility = "visible";<br>        m("login").style.display = "block";<br>        m("user-group").style.display = e ? "none" : "block";<br>        m("password-group").style.display = e ? "none" : "block";<br>        m("conversation-group").style.display = e ? "block" : "none";<br>        m("login-button-text").textContent = d("Log In");<br>        m("login-password-input").value = "";<br>        if (H()) {<br>            m("option-group").style.display = "none";<br>            n = true;<br>        } else {<br>            m("option-group").style.display = !t || e ? "none" : "block";<br>        }<br>        if (!t || e) {<br>            m("server-group").style.display = "none";<br>        } else {<br>            m("server-group").style.display = n ? "block" : "none";<br>        }<br>        m("login-button").removeAttribute("disabled");<br>        if (!e) m("login-button").addEventListener("click", U);<br>    }<br>    function z() {<br>        /* Show the login screen */<br>        m("server-name").textContent = document.title;<br>        R(d("Log in with your server user account."));<br>        m("login-user-input").addEventListener("keydown", function(e) {<br>            L(null);<br>            if (e.which == 13) m("login-password-input").focus();<br>        }, false);<br>        var e = function(e) {<br>            L(null);<br>            if (e.which == 13) U();<br>        };<br>        m("login-password-input").addEventListener("keydown", e);<br>        m("authorized-input").addEventListener("keydown", e);<br>        N();<br>        m("login-user-input").focus();<br>    }<br>    function P(e) {<br>        var t = e.echo ? "text" : "password";<br>        m("conversation-prompt").textContent = e.prompt;<br>        var n = m("conversation-message");<br>        var o = e.error || e.message;<br>        if (o) {<br>            n.textContent = o;<br>            n.style.display = "block";<br>        } else {<br>            n.style.display = "none";<br>        }<br>        var i = m("conversation-input");<br>        i.value = "";<br>        if (e["default"]) i.value = e["default"];<br>        i.setAttribute("type", t);<br>        i.focus();<br>        L("");<br>        function r() {<br>            m("conversation-input").removeEventListener("keydown", s);<br>            m("login-button").removeEventListener("click", r);<br>            L(null, true);<br>            W(e.id, m("conversation-input").value);<br>        }<br>        function s(e) {<br>            L(null, true);<br>            if (e.which == 13) {<br>                r();<br>            }<br>        }<br>        m("conversation-input").addEventListener("keydown", s);<br>        m("login-button").addEventListener("click", r);<br>        N(true);<br>    }<br>    function q(e) {<br>        return window.unescape(encodeURIComponent(e));<br>    }<br>    function $(e, t) {<br>        var n;<br>        var o;<br>        var i;<br>        var r;<br>        if (!e) return null;<br>        n = e.split(" ");<br>        if (n[0].toLowerCase() !== "x-conversation" &amp;&amp; n.length != 3) return null;<br>        r = n[1];<br>        try {<br>            o = window.atob(n[2]);<br>        } catch (e) {<br>            if (window.console) a.error("Invalid prompt data", e);<br>            return null;<br>        }<br>        try {<br>            i = JSON.parse(t);<br>        } catch (e) {<br>            if (window.console) a.log("Got invalid JSON response for prompt data", e);<br>            i = {};<br>        }<br>        i.id = r;<br>        i.prompt = o;<br>        return i;<br>    }<br>    function J(e, t, n) {<br>        m("login-button").setAttribute("disabled", "true");<br>        var o = new XMLHttpRequest();<br>        o.open("GET", f, true);<br>        var i;<br>        var r;<br>        var s;<br>        for (s in t) o.setRequestHeader(s, t[s]);<br>        o.onreadystatechange = function() {<br>            if (o.readyState != 4) {<br>                return;<br>            } else if (o.status == 200) {<br>                var e = JSON.parse(o.responseText);<br>                j(e);<br>            } else if (o.status == 401) {<br>                r = o.getResponseHeader("WWW-Authenticate");<br>                if (r &amp;&amp; r.toLowerCase().indexOf("x-conversation") === 0) {<br>                    i = $(r, o.responseText);<br>                    if (i) P(i); else h(d("Internal Error: Invalid challenge header"));<br>                } else {<br>                    if (window.console) a.log(o.statusText);<br>                    if (o.statusText.indexOf("authentication-not-supported") &gt; -1) {<br>                        var t = x(m("login-user-input").value);<br>                        h(c(d("The server refused to authenticate '$0' using password authentication, and no other supported authentication methods are available."), t));<br>                    } else if (o.statusText.indexOf("terminated") &gt; -1) {<br>                        L(d("Authentication Failed: Server closed connection"));<br>                    } else if (o.statusText.indexOf("no-host") &gt; -1) {<br>                        A(d("Unable to connect to that address"));<br>                    } else if (o.statusText.indexOf("unknown-hostkey") &gt; -1) {<br>                        A(d("Refusing to connect. Hostkey is unknown"));<br>                    } else if (o.statusText.indexOf("unknown-host") &gt; -1) {<br>                        A(d("Refusing to connect. Host is unknown"));<br>                    } else if (o.statusText.indexOf("invalid-hostkey") &gt; -1) {<br>                        A(d("Refusing to connect. Hostkey does not match"));<br>                    } else if (n) {<br>                        L(d("Authentication failed"));<br>                    } else {<br>                        L(d("Wrong user name or password"));<br>                    }<br>                }<br>            } else if (o.status == 403) {<br>                L(decodeURIComponent(o.statusText) || d("Permission denied"));<br>            } else if (o.statusText) {<br>                h(decodeURIComponent(o.statusText));<br>            } else {<br>                h(c(d("$0 error"), o.status));<br>            }<br>            m("login-button").removeAttribute("disabled");<br>        };<br>        o.send();<br>    }<br>    function W(e, t) {<br>        var n = {<br>            Authorization: "X-Conversation " + e + " " + window.btoa(q(t))<br>        };<br>        J("GET", n, true);<br>    }<br>    function M(e) {<br>        // Force a reload if not triggered below<br>        // because only the hash part of the url<br>        // changed<br>        var t = window.setTimeout(function() {<br>            t = null;<br>            window.location.reload(true);<br>        }, 100);<br>        if (e &amp;&amp; e != window.location.href) window.location = e;<br>        // cancel forced reload if we are reloading<br>                window.onbeforeunload = function() {<br>            if (t) window.clearTimeout(t);<br>            t = null;<br>        };<br>    }<br>    function X(n) {<br>        var e = "/" + p + "/@localhost/";<br>        if (s) e = "/" + s + e;<br>        var o = e + "shell/index.html";<br>        var i = new XMLHttpRequest();<br>        i.open("GET", e + "manifests.json", true);<br>        i.onreadystatechange = function() {<br>            if (i.readyState == 4) {<br>                if (i.status == 200) {<br>                    var e = JSON.parse(i.responseText);<br>                    var t = e ? e["base1"] : {};<br>                    if (!t["version"] || t["version"] &lt; "119.x") {<br>                        M(o);<br>                    } else M(n);<br>                } else {<br>                    M(o);<br>                }<br>            }<br>        };<br>        i.send();<br>    }<br>    function G(e, t, n) {<br>        var o = 0;<br>        while (o &lt; e.length) {<br>            var i = e.key(o);<br>            if (n &amp;&amp; i.indexOf("cockpit") !== 0) e.removeItem(i); else if (i.indexOf(t) === 0) e.removeItem(i); else o++;<br>        }<br>    }<br>    function _(e) {<br>        /* Clear anything not prefixed with<br>         * different application from sessionStorage<br>         */<br>        G(window.sessionStorage, p, true);<br>        /* Clear anything prefixed with our application<br>         * and login-data, but not other non-application values.<br>         */        r.removeItem("login-data");<br>        G(r, p, false);<br>        var t;<br>        if (e &amp;&amp; e["login-data"]) {<br>            t = JSON.stringify(e["login-data"]);<br>            /* login-data is tied to the auth cookie, since<br>             * cookies are available after the page<br>             * session ends login-data should be too.<br>             */            r.setItem(p + "login-data", t);<br>            /* Backwards compatbility for packages that aren't application prefixed */            r.setItem("login-data", t);<br>        }<br>        /* URL Root is set by cockpit ws and shouldn't be prefixed<br>         * by application<br>         */        if (s) r.setItem("url-root", s);<br>    }<br>    function j(e) {<br>        var t = window.sessionStorage.getItem("login-wanted");<br>        var n = m("server-field").value;<br>        if (n &amp;&amp; p != v) {<br>            t = "/=" + n;<br>            if (s) t = "/" + s + t;<br>        }<br>        /* clean up sessionStorage. clear anything that isn't prefixed<br>         * with an application and anything prefixed with our application.<br>         */        G(window.sessionStorage, p, false);<br>        _(e);<br>        /* Make sure that the base1 version is new enough to handle<br>         * urls that reference machines.<br>         */        if (p.indexOf("cockpit+=") === 0) {<br>            X(t);<br>        } else {<br>            M(t);<br>        }<br>    }<br>    window.onload = e;<br>})(window.console);<br>//# sourceMappingURL=login.min.js.map    &lt;/script&gt;<br>    &lt;style&gt;<br>#option-group,.btn,.cross,button{cursor:pointer}<br>.btn,label{font-weight:600}<br>.btn,img{vertical-align:middle}<br>html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;font-size:62.5%;-webkit-tap-highlight-color:transparent}<br>body{margin:0;font-family:"Open Sans",Helvetica,Arial,sans-serif;font-size:12px;line-height:1.66666667;background-color:#fff}<br>a{background:0 0;color:#0099d3;text-decoration:none}<br>.btn,.btn:active{background-image:none}<br>a:focus{outline:dotted thin;outline:-webkit-focus-ring-color auto 5px;outline-offset:-2px}<br>a:active,a:hover{outline:0}<br>a:focus,a:hover{color:#00618a;text-decoration:underline}<br>img{border:0}<br>button,input,select,textarea{font-family:inherit;margin:0;font-size:inherit;line-height:inherit}<br>button,input{line-height:normal}<br>.btn,.form-control{line-height:1.66666667}<br>button,select{text-transform:none}<br>button{-webkit-appearance:button;overflow:visible}<br>button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}<br>*,:after,:before{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}<br>p{margin:0 0 10px}<br>.container{margin-right:auto;margin-left:auto;padding-left:20px;padding-right:20px}<br>.form-group,.row{margin-right:-20px}<br>.container:after,.container:before,.row:after,.row:before{content:" ";display:table}<br>.container:after,.row:after{clear:both}<br>@media (min-width:768px){.container{width:760px}<br>}<br>@media (min-width:992px){.container{width:980px}<br>}<br>@media (min-width:1200px){.container{width:1180px}<br>}<br>.row{margin-left:-20px}<br>.col-lg-5,.col-lg-7,.col-md-10,.col-md-2,.col-md-6,.col-sm-1,.col-sm-10,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-5,.col-sm-6,.col-sm-7,.col-xs-12{position:relative;min-height:1px;padding-left:20px;padding-right:20px}<br>.col-xs-12{float:left;width:100%}<br>@media (min-width:768px){.col-sm-1,.col-sm-10,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-5,.col-sm-6,.col-sm-7{float:left}<br>.col-sm-12{width:100%}<br>.col-sm-10{width:83.33333333333334%}<br>.col-sm-7{width:58.333333333333336%}<br>.col-sm-6{width:50%}<br>.col-sm-5{width:41.66666666666667%}<br>.col-sm-3{width:25%}<br>.col-sm-2{width:16.666666666666664%}<br>.col-sm-1{width:8.333333333333332%}<br>.col-sm-offset-2{margin-left:16.666666666666664%}<br>.control-label{text-align:right}<br>}<br>@media (min-width:992px){.col-md-10,.col-md-2,.col-md-6{float:left}<br>.col-md-10{width:83.33333333333334%}<br>.col-md-6{width:50%}<br>.col-md-2{width:16.666666666666664%}<br>}<br>@media (min-width:1200px){.col-lg-5,.col-lg-7{float:left}<br>.col-lg-7{width:58.333333333333336%}<br>.col-lg-5{width:41.66666666666667%}<br>}<br>label{display:inline-block;margin-bottom:5px}<br>.form-control{height:26px;color:#333}<br>.form-control[type=text],.form-control[type=password]{display:block;width:100%;padding:2px 6px;font-size:12px;background-color:#fff;background-image:none;border:1px solid #bababa;border-radius:1px;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 1px rgba(0,0,0,.075);-webkit-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}<br>.form-control:focus{border-color:#66afe9;outline:0;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 8px rgba(102,175,233,.6);box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 8px rgba(102,175,233,.6)}<br>.form-control:-moz-placeholder{color:#999;font-style:italic}<br>.form-control::-moz-placeholder{color:#999;font-style:italic;opacity:1}<br>.form-control:-ms-input-placeholder{color:#999;font-style:italic}<br>.form-control::-webkit-input-placeholder{color:#999;font-style:italic}<br>.help-block{display:block;margin-top:5px;margin-bottom:10px;color:#737373}<br>.control-label{margin-top:0;margin-bottom:0;padding-top:3px}<br>.form-group{margin-left:-20px}<br>.form-group:after{clear:both;margin-bottom:15px}<br>.form-group:after,.form-group:before{content:" ";display:table}<br>.btn{display:inline-block;margin-bottom:0;text-align:center;border:1px solid transparent;white-space:nowrap;padding:2px 6px;font-size:12px;border-radius:1px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;-o-user-select:none;user-select:none;-webkit-box-shadow:0 2px 3px rgba(0,0,0,.1);box-shadow:0 2px 3px rgba(0,0,0,.1)}<br>.btn:focus{outline:dotted thin;outline:-webkit-focus-ring-color auto 5px;outline-offset:-2px}<br>.btn:focus,.btn:hover{color:#4d5258;text-decoration:none}<br>.alert-danger,.btn-primary,.login-pf .container .help-block,body{color:#fff}<br>.btn:active{outline:0;-webkit-box-shadow:inset 0 2px 8px rgba(0,0,0,.2);box-shadow:inset 0 2px 8px rgba(0,0,0,.2)}<br>.btn-lg{padding:6px 10px;font-size:14px;line-height:1.33;border-radius:1px}<br>@-ms-viewport{width:device-width}<br>.btn-primary{background-color:#189ad1;background-image:-webkit-linear-gradient(top,#1cace8 0,#1998cc 100%);background-image:linear-gradient(to bottom,#1cace8 0,#1998cc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff1cace8', endColorstr='#ff1998cc', GradientType=0);border-color:#267da1}<br>.btn-primary:active,.btn-primary:focus,.btn-primary:hover{background-color:#189ad1;background-image:none;border-color:#267da1;color:#fff}<br>.btn-primary:active{background-image:none}<br>@font-face{font-family:'Open Sans';font-style:normal;font-weight:400;src:url(cockpit/static/fonts/OpenSans-Regular-webfont.woff) format('woff')}<br>@font-face{font-family:'Open Sans';font-style:normal;font-weight:700;src:url(cockpit/static/fonts/OpenSans-Bold-webfont.woff) format('woff')}<br>.form-control:hover{border-color:#7BB2DD}<br>.login-pf{height:100%}<br>.login-pf #brand{position:relative;top:-70px}<br>.login-pf #brand img{display:block;margin:0 auto;max-width:100%}<br>@media (min-width:768px){.login-pf #brand img{margin:0;text-align:left}<br>}<br>.login-pf #badge{display:block;margin:20px auto 70px;position:relative;text-align:center}<br>.login-pf .container{background-color:#181818;background-color:rgba(255,255,255,.055);clear:right;padding-bottom:40px;padding-top:20px;width:auto}<br>@media (min-width:768px){.login-pf #badge{float:right;margin-right:64px;margin-top:50px}<br>.login-pf .container{bottom:13%;padding-left:80px;position:absolute;width:100%}<br>}<br>.login-pf .container .details p:first-child{border-top:1px solid #474747;padding-top:25px;margin-top:25px}<br>@media (min-width:768px){.login-pf .container .login-area{border-right:1px solid #474747}<br>.login-pf .container .details{padding-left:40px}<br>.login-pf .container .details p:first-child{border-top:0;padding-top:0;margin-top:0}<br>}<br>.login-pf .container .details p{margin-bottom:2px}<br>.login-pf .container .control-label{font-size:13px;font-weight:400;text-align:left}<br>.login-pf .container .form-group:last-child,.login-pf .container .form-group:last-child .help-block:last-child{margin-bottom:0}<br>@-webkit-keyframes rotation{from{-webkit-transform:rotate(0)}<br>to{-webkit-transform:rotate(359deg)}<br>}<br>@keyframes rotation{from{transform:rotate(0)}<br>to{transform:rotate(359deg)}<br>}<br>.spinner{-webkit-animation:rotation .6s infinite linear;animation:rotation .6s infinite linear;border-bottom:4px solid rgba(0,0,0,.25);border-left:4px solid rgba(0,0,0,.25);border-right:4px solid rgba(0,0,0,.25);border-radius:100%;border-top:4px solid rgba(0,0,0,.75);height:24px;margin:4px 0 0;position:relative;width:24px}<br>.alert{padding:7px 11px;margin-bottom:20px;border:2px solid transparent;border-radius:1px}<br>.alert-danger{background:0 0;border-color:#c00;font-weight:700}<br>#option-group{margin-left:-20px;margin-right:-20px}<br>#option-group a{color:inherit}<br>#server-group:before{clear:both;margin-top:5px}<br>.login-fatal{font-size:130%}<br>.unsupported-browser ul{color:#aaa;display:inline-block;margin:0 auto;text-align:left}<br>.unsupported-browser a{color:#fff;font-weight:700;text-decoration:underline}<br>.cross,.inline .container .help-block{color:#000}<br>.login-browser-recommendations{margin-top:6rem}<br>@media screen and (max-width:480px){.unsupported-browser .container&gt;.row&gt;.col-sm-12{position:static}<br>}<br>@media screen and (min-width:481px){.brand-unsupported-browser #brand{margin-left:-40px;position:absolute;text-align:center;width:100%}<br>.unsupported-browser{font-size:140%;margin-left:-30px;text-align:center}<br>.unsupported-browser-heading{font-size:3rem;left:50%;margin:0 0 0 -32rem;position:absolute;text-align:center;top:-16rem;width:64rem}<br>.login-browser-recommendations h3{font-weight:400;margin-top:0}<br>}<br>.caret,.server-box{position:relative}<br>#login-wait-validating div{float:left}<br>.conversation-prompt{white-space:normal;word-wrap:break-word}<br>.control-label{white-space:nowrap;font-size:13px}<br>.spinner{border-color:rgba(255,255,255,.75) rgba(255,255,255,.25) rgba(255,255,255,.25)}<br>.inline #badge,.inline #brand,.inline #login-details{display:none}<br>.inline body{background:0 0!important;color:#000}<br>@media (min-width:768px){.login-button-container{float:right}<br>}<br>.caret{display:inline-block;top:4px}<br>.caret-down{transform:rotate(90deg);-moz-transform:rotate(90deg);-webkit-transform:rotate(90deg);transform-origin:8px 8px;-moz-transform-origin:8px 8px;-webkit-transform-origin:8px 8px}<br>.cross{position:absolute;right:25px;top:2px;font-weight:700;font-size:14px;opacity:.7}<br>#option-group:hover svg,.cross:hover{opacity:1}<br>#option-group div{margin-left:-3px;margin-top:3px;margin-bottom:10px}<br>#option-group svg{opacity:.7}<br>#authorized-input{width:13px;height:13px;padding:0;vertical-align:bottom;margin:8px 5px 3px 0}<br>#login-button{padding:7px}<br>#login-button .spinner{display:none}<br>#login-button[disabled]{padding:0;background-color:#333;background-image:none;border-color:#555}<br>#login-button[disabled] .spinner{display:inline-block}<br>#login-button[disabled] #login-button-text,.hide-before:before{display:none}<br>@media (max-width:480px){.login-pf{display:flex;flex-direction:column-reverse;height:auto;position:relative}<br>.row{display:flex;flex-direction:column}<br>.login-pf .container{width:100%}<br>.login-pf #badge{max-width:33vw;margin:3rem auto;height:8rem;padding:0;background-position:50% 100%}<br>.container&gt;.row&gt;.col-sm-12{order:1;position:absolute;bottom:0;left:0;width:100%;text-align:center}<br>.login-pf #brand{position:static;font-size:inherit;background-position:50% 50%}<br>.details{text-align:center}<br>}<br>/*# sourceMappingURL=login.min.css.map */    &lt;/style&gt;<br>    &lt;link href="cockpit/static/branding.css" type="text/css" rel="stylesheet"&gt;<br>  &lt;/head&gt;<br>  &lt;body class="login-pf"&gt;<br>    &lt;span id="badge"&gt;<br>    &lt;/span&gt;<br>    &lt;div class="container"&gt;<br>      &lt;div class="row"&gt;<br>        &lt;div class="col-sm-12"&gt;<br>          &lt;div id="brand" class="hide-before"&gt;<br>          &lt;/div&gt;&lt;!--/#brand--&gt;<br>        &lt;/div&gt;&lt;!--/.col-*--&gt;<br> <br>        &lt;div id="login" class="col-sm-7 col-md-6 col-lg-5 login-area" style="visibility: hidden;"&gt;<br>          &lt;div role="form"&gt;<br> <br>            &lt;div id="error-group" class="alert alert-danger" hidden&gt;<br>              &lt;span id="login-error-message"&gt;&lt;/span&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div id="conversation-group" class="form-group" hidden&gt;<br>              &lt;div class="col-sm-12 col-md-12"&gt;<br>                &lt;div id="conversation-message"&gt;&lt;/div&gt;<br>                &lt;label id="conversation-prompt" for="conversation-input"&gt;&lt;/label&gt;<br>              &lt;/div&gt;<br>              &lt;div class="col-sm-12 col-md-12"&gt;<br>                &lt;input type="password" class="form-control" id="conversation-input"&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div id="user-group" class="form-group"&gt;<br>              &lt;label for="login-user-input" class="col-sm-2 col-md-2 control-label" translate&gt;User name&lt;/label&gt;<br>              &lt;div class="col-sm-10 col-md-10"&gt;<br>                &lt;input type="text" class="form-control" id="login-user-input" autocorrect="off" autocapitalize="none" autofocus&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div id="password-group" class="form-group"&gt;<br>              &lt;label for="login-password-input" class="col-sm-2 col-md-2 control-label" translate&gt;Password&lt;/label&gt;<br>              &lt;div class="col-sm-10 col-md-10"&gt;<br>                &lt;input type="password" class="form-control" id="login-password-input"&gt;<br>              &lt;/div&gt;<br>              &lt;div class="col-sm-2 col-md-2"&gt;&lt;/div&gt;<br>              &lt;div class="col-sm-10 col-md-10"&gt;<br>                &lt;input type="checkbox" class="form-control" id="authorized-input"&gt;<br>                &lt;label for="authorized-input" class="control-label" translate&gt;Reuse my password for privileged tasks&lt;/label&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div id="option-group"&gt;<br>              &lt;div class="col-sm-5 col-md-5"&gt;<br>                &lt;i id="option-caret" class="caret caret-right" aria-hidden="true"&gt;<br>                    &lt;svg height="16" width="16" viewBox="0 0 16 16"&gt;<br>                        &lt;polygon fill="#ffffff" points="4,0 4,14 12,7"&gt;<br>                        &lt;/polygon&gt;<br>                    &lt;/svg&gt;<br>                &lt;/i&gt;<br>                &lt;a href="#" id="show-other-login-options" translate&gt;Other Options&lt;/a&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div id="server-group" class="form-group" hidden&gt;<br>              &lt;label title="Log in to another system. Leave blank to log in to the local system." for="server-field" class="col-sm-2 col-md-2 control-label" translate&gt;Connect to&lt;/label&gt;<br>              &lt;div class="col-sm-10 col-md-10 server-box"&gt;<br>                &lt;input type="text" class="form-control" id="server-field"&gt;<br>                &lt;span class="cross" id="server-clear" aria-hidden="true"&gt;&amp;#x274c;&lt;/span&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br> <br>            &lt;div class="form-group"&gt;<br>              &lt;div class="col-md-3 col-sm-3 login-button-container"&gt;<br>                &lt;button class="btn btn-primary btn-lg col-xs-12" id="login-button"&gt;<br>                  &lt;span class="spinner"&gt;&lt;/span&gt;<br>                  &lt;span id="login-button-text" translate&gt;Log In&lt;/span&gt;<br>                &lt;/button&gt;<br>              &lt;/div&gt;<br>            &lt;/div&gt;<br>          &lt;/div&gt;<br>        &lt;/div&gt;&lt;!--/.col-*--&gt;<br> <br>        &lt;div class="col-sm-5 col-md-6 col-lg-7 details" id="login-details"&gt;<br>          &lt;p&gt;<br>            &lt;label class="control-label"&gt;&lt;span translate&gt;Server&lt;/span&gt;: &lt;b id="server-name"&gt;&lt;/b&gt;&lt;/label&gt;<br>          &lt;/p&gt;<br>          &lt;p id="login-note" class="login-note"&gt;&lt;/p&gt;<br>        &lt;/div&gt;&lt;!--/.col-*--&gt;<br> <br>        &lt;div class="col-sm-5 col-md-6 col-lg-7" id="login-wait-validating" hidden&gt;<br>          &lt;div class="col-sm-4"&gt;<br>            &lt;span class="help-block" translate&gt;Validating authentication token&lt;/span&gt;<br>          &lt;/div&gt;<br>          &lt;div class="col-sm-1"&gt;<br>            &lt;div class="spinner col-xs-15"&gt;<br>            &lt;/div&gt;<br>          &lt;/div&gt;<br>        &lt;/div&gt;<br> <br>        &lt;div class="col-sm-12" id="login-fatal" hidden&gt;<br>          &lt;span id="login-fatal-message"&gt;&lt;/span&gt;<br>          &lt;a id="login-again" translate hidden&gt;Try Again&lt;/a&gt;<br>        &lt;/div&gt;<br> <br>        &lt;div class="unsupported-browser col-sm-12" id="unsupported-browser" hidden&gt;<br>          &lt;h2 classname="unsupported-browser-heading" translate&gt;A modern browser is required for security, reliability, and performance.&lt;/h2&gt;<br>          &lt;div class="login-browser-recommendations"&gt;<br>            &lt;div class="col-sm-6"&gt;<br>              &lt;h3 translate&gt;Download a new browser for free&lt;/h3&gt;<br>              &lt;ul&gt;<br>                &lt;li&gt;&lt;a href="https://firefox.com/"&gt;Mozilla Firefox&lt;/a&gt; / Linux, Windows, macOS&lt;/li&gt;<br>                &lt;li&gt;&lt;a href="https://google.com/chrome"&gt;Google Chrome&lt;/a&gt; / Linux, Windows, macOS&lt;/li&gt;<br>              &lt;/ul&gt;<br>            &lt;/div&gt;<br>            &lt;div class="col-sm-6"&gt;<br>              &lt;h3 translate&gt;Or use a bundled browser&lt;/h3&gt;<br>              &lt;ul&gt;<br>                &lt;li&gt;&lt;a href="https://microsoftedge.com/"&gt;Microsoft Edge&lt;/a&gt; / Windows 10+&lt;/li&gt;<br>                &lt;li&gt;&lt;a href="https://apple.com/safari/"&gt;Apple Safari&lt;/a&gt; / macOS&lt;/li&gt;<br>              &lt;/ul&gt;<br>            &lt;/div&gt;<br>          &lt;/div&gt;<br>        &lt;/div&gt;<br> <br>      &lt;/div&gt;&lt;!--/.row--&gt;<br>    &lt;/div&gt;&lt;!--/.container--&gt;<br>  &lt;/body&gt;<br>&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417084824" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417084824-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188417084824-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417084824-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : no<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Server: nginx<br>  Date: Mon, 18 Sep 2023 03:19:39 GMT<br>  Content-Type: text/html<br>  Content-Length: 2271<br>  Last-Modified: Tue, 19 Jul 2022 06:35:54 GMT<br>  Connection: keep-alive<br>  Vary: Accept-Encoding<br>  ETag: "62d650ca-8df"<br>  X-Frame-Options: SAMEORIGIN<br>  Accept-Ranges: bytes<br>  <br>Response Body :<br> <br>&lt;!doctype html&gt;&lt;html lang="en"&gt;&lt;head&gt;&lt;meta charset="utf-8"/&gt;&lt;link rel="icon" href="/favicon.ico"/&gt;&lt;meta name="viewport" content="width=device-width,initial-scale=1"/&gt;&lt;meta name="theme-color" content="#000000"/&gt;&lt;meta name="description" content="Web site created using create-react-app"/&gt;&lt;link rel="apple-touch-icon" href="logo.png"/&gt;&lt;link rel="manifest" href="/manifest.json"/&gt;&lt;title&gt;Spug&lt;/title&gt;&lt;link href="/static/css/2.80a40609.chunk.css" rel="stylesheet"&gt;&lt;link href="/static/css/main.6446579e.chunk.css" rel="stylesheet"&gt;&lt;/head&gt;&lt;body&gt;&lt;noscript&gt;You need to enable JavaScript to run this app.&lt;/noscript&gt;&lt;div id="root"&gt;&lt;/div&gt;&lt;script&gt;!function(e){function r(r){for(var n,l,p=r[0],f=r[1],i=r[2],c=0,s=[];c&lt;p.length;c++)l=p[c],Object.prototype.hasOwnProperty.call(o,l)&amp;&amp;o[l]&amp;&amp;s.push(o[l][0]),o[l]=0;for(n in f)Object.prototype.hasOwnProperty.call(f,n)&amp;&amp;(e[n]=f[n]);for(a&amp;&amp;a(r);s.length;)s.shift()();return u.push.apply(u,i||[]),t()}function t(){for(var e,r=0;r&lt;u.length;r++){for(var t=u[r],n=!0,p=1;p&lt;t.length;p++){var f=t[p];0!==o[f]&amp;&amp;(n=!1)}n&amp;&amp;(u.splice(r--,1),e=l(l.s=t[0]))}return e}var n={},o={1:0},u=[];function l(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,l),t.l=!0,t.exports}l.m=e,l.c=n,l.d=function(e,r,t){l.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},l.r=function(e){"undefined"!=typeof Symbol&amp;&amp;Symbol.toStringTag&amp;&amp;Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},l.t=function(e,r){if(1&amp;r&amp;&amp;(e=l(e)),8&amp;r)return e;if(4&amp;r&amp;&amp;"object"==typeof e&amp;&amp;e&amp;&amp;e.__esModule)return e;var t=Object.create(null);if(l.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:e}),2&amp;r&amp;&amp;"string"!=typeof e)for(var n in e)l.d(t,n,function(r){return e[r]}.bind(null,n));return t},l.n=function(e){var r=e&amp;&amp;e.__esModule?function(){return e.default}:function(){return e};return l.d(r,"a",r),r},l.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},l.p="/";var p=this.webpackJsonpspug_web=this.webpackJsonpspug_web||[],f=p.push.bind(p);p.push=r,p=p.slice();for(var i=0;i&lt;p.length;i++)r(p[i]);var a=f;t()}([])&lt;/script&gt;&lt;script src="/static/js/2.b58241b7.chunk.js"&gt;&lt;/script&gt;&lt;script src="/static/js/main.1d806fb5.chunk.js"&gt;&lt;/script&gt;&lt;/body&gt;&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417102232" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417102232-container');" onmouseover="this.style.cursor='pointer'">24260 - HyperText Transfer Protocol (HTTP) Information<div id="idp45188417102232-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417102232-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Some information about the remote HTTP configuration can be extracted.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc... <br> <br>This test is informational only and does not denote any security problem.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/01/30, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Response Code : HTTP/1.1 200 OK<br> <br>Protocol version : HTTP/1.1<br>SSL : no<br>Keep-Alive : no<br>Options allowed : (Not implemented)<br>Headers :<br> <br>  Server: nginx/1.19.9<br>  Date: Mon, 18 Sep 2023 03:19:38 GMT<br>  Content-Type: text/html<br>  Content-Length: 1584<br>  Last-Modified: Mon, 25 Jul 2022 07:24:40 GMT<br>  Connection: keep-alive<br>  Vary: Accept-Encoding<br>  ETag: "62de4538-630"<br>  Cache-Control: no-cache, must-revalidate, proxy-revalidate, max-age=0<br>  Accept-Ranges: bytes<br>  <br>Response Body :<br> <br>&lt;!DOCTYPE html&gt;<br>&lt;html lang="en"&gt;<br>  &lt;head&gt;<br>    &lt;meta charset="UTF-8" /&gt;<br>    &lt;link rel="icon" href="./favicon.ico" /&gt;<br>    &lt;meta name="viewport" content="width=device-width, initial-scale=1.0" /&gt;<br>    &lt;title&gt;Vite App&lt;/title&gt;<br>    &lt;script type="module" crossorigin src="./assets/index.76d7147a.js"&gt;&lt;/script&gt;<br>    &lt;link rel="modulepreload" href="./assets/vendor.bdca1045.js"&gt;<br>    &lt;link rel="stylesheet" href="./assets/index.87a61610.css"&gt;<br>    &lt;script type="module"&gt;!function(){try{new Function("m","return import(m)")}catch(o){console.warn("vite: loading legacy build because dynamic import is unsupported, syntax error above should be ignored");var e=document.getElementById("vite-legacy-polyfill"),n=document.createElement("script");n.src=e.src,n.onload=function(){System.import(document.getElementById('vite-legacy-entry').getAttribute('data-src'))},document.body.appendChild(n)}}();&lt;/script&gt;<br>  &lt;/head&gt;<br>  &lt;body&gt;<br>    &lt;div id="app"&gt;&lt;/div&gt;<br>    <br>    &lt;script nomodule&gt;!function(){var e=document,t=e.createElement("script");if(!("noModule"in t)&amp;&amp;"onbeforeload"in t){var n=!1;e.addEventListener("beforeload",(function(e){if(e.target===t)n=!0;else if(!e.target.hasAttribute("nomodule")||!n)return;e.preventDefault()}),!0),t.type="module",t.src=".",e.head.appendChild(t),t.remove()}}();&lt;/script&gt;<br>    &lt;script nomodule id="vite-legacy-polyfill" src="./assets/polyfills-legacy.227199f5.js"&gt;&lt;/script&gt;<br>    &lt;script nomodule id="vite-legacy-entry" data-src="./assets/index-legacy.4567597d.js"&gt;System.import(document.getElementById('vite-legacy-entry').getAttribute('data-src'))&lt;/script&gt;<br>  &lt;/body&gt;<br>&lt;/html&gt;<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417161368" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417161368-container');" onmouseover="this.style.cursor='pointer'">10114 - ICMP Timestamp Request Remote Date Disclosure<div id="idp45188417161368-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417161368-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It is possible to determine the exact time set on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host answers to an ICMP timestamp request.  This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.<br> <br>Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">0.0 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">0.0 (CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188417173144" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody>
<tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0524" target="_blank">CVE-1999-0524</a></td>
</tr>
<tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/200" target="_blank">CWE:200</a></td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/08/01, Modified: 2023/04/27<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>icmp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The difference between the local and remote clocks is -514 seconds.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417190936" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417190936-container');" onmouseover="this.style.cursor='pointer'">171410 - IP Assignment Method Detection<div id="idp45188417190936-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417190936-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enumerates the IP address assignment method(static/dynamic).<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enumerates the IP address assignment method(static/dynamic).<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/02/14, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">+ lo<br>  + IPv4<br>    - Address       : 127.0.0.1<br>      Assign Method : static<br>  + IPv6<br>    - Address       : ::1<br>      Assign Method : static<br>+ ens192<br>  + IPv4<br>    - Address       : 172.16.187.220<br>      Assign Method : static<br>  + IPv6<br>    - Address       : fe80::31cc:24e3:f2:7bfc<br>      Assign Method : static<br>+ virbr0<br>  + IPv4<br>    - Address       : 192.168.122.1<br>      Assign Method : static<br>+ virbr0-nic<br>+ docker0<br>  + IPv4<br>    - Address       : 172.17.0.1<br>      Assign Method : static<br>  + IPv6<br>    - Address       : fe80::42:f6ff:fe95:f7e4<br>      Assign Method : static<br>+ br-d37da95ee17c<br>  + IPv4<br>    - Address       : 172.18.0.1<br>      Assign Method : static<br>  + IPv6<br>    - Address       : fe80::42:3eff:fe74:96f5<br>      Assign Method : static<br>+ br-09ce6d42da0f<br>  + IPv4<br>    - Address       : 172.19.0.1<br>      Assign Method : static<br>  + IPv6<br>    - Address       : fe80::42:6dff:fe1a:6186<br>      Assign Method : static<br>+ br-5558a1a20473<br>  + IPv4<br>    - Address       : 172.20.0.1<br>      Assign Method : static<br>  + IPv6<br>    - Address       : fe80::42:f3ff:fea7:8b29<br>      Assign Method : static<br>+ vethf7dfdaf@if127<br>  + IPv6<br>    - Address       : fe80::12:57ff:fe39:16fd<br>      Assign Method : static<br>+ veth56a7478@if129<br>  + IPv6<br>    - Address       : fe80::e0b5:1dff:fe83:eb43<br>      Assign Method : static<br>+ veth7a16f7f@if131<br>  + IPv6<br>    - Address       : fe80::e8f3:50ff:fe31:599b<br>      Assign Method : static<br>+ veth5aa009d@if133<br>  + IPv6<br>    - Address       : fe80::6051:c6ff:fe0c:15d7<br>      Assign Method : static<br>+ veth51b5afe@if135<br>  + IPv6<br>    - Address       : fe80::cc94:efff:fe3c:8f6b<br>      Assign Method : static<br>+ vetha08329d@if137<br>  + IPv6<br>    - Address       : fe80::183b:2aff:fede:371e<br>      Assign Method : static<br>+ veth7928bf9@if139<br>  + IPv6<br>    - Address       : fe80::d81a:56ff:fe6d:a1f0<br>      Assign Method : static<br>+ veth31c547b@if141<br>  + IPv6<br>    - Address       : fe80::ecce:73ff:fec5:5a2c<br>      Assign Method : static<br>+ veth211bc11@if143<br>  + IPv6<br>    - Address       : fe80::2898:9cff:fe35:ed63<br>      Assign Method : static<br>+ veth6fdc7bf@if145<br>  + IPv6<br>    - Address       : fe80::5468:a9ff:fe0e:23b3<br>      Assign Method : static<br>+ veth3e11f95@if147<br>  + IPv6<br>    - Address       : fe80::702e:bbff:fef4:eb27<br>      Assign Method : static<br>+ vethc6b3d07@if149<br>  + IPv6<br>    - Address       : fe80::7c86:a3ff:fec1:369a<br>      Assign Method : static<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417222040" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417222040-container');" onmouseover="this.style.cursor='pointer'">147817 - Java Detection and Identification (Linux / Unix)<div id="idp45188417222040-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417222040-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Java is installed on the remote Linux / Unix host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">One or more instances of Java are installed on the remote Linux / Unix host. This may include private JREs bundled with the Java Development  Kit (JDK).<br>Notes:<br> <br>  - This plugin attempts to detect Oracle and non-Oracle JRE instances     such as Zulu Java, Amazon Corretto, AdoptOpenJDK, IBM Java, etc<br>  - To discover instances of JRE that are not in PATH,     or installed via a package manager, 'Perform thorough tests'     setting must be enabled.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417226136" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Java_(software_platform)" target="_blank">https://en.wikipedia.org/wiki/Java_(software_platform)</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188417229848" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0690</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/03/16, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus detected 2 installs of Java:<br> <br>  Path             : /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64/<br>  Version          : 1.11.0.18.10<br>  Application      : OpenJDK Java<br>  Binary Location  : /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64/bin/java<br>  Details          : This Java install appears to be OpenJDK due to "openjdk version" in <br>                     the binary (high confidence).<br>  Detection Method : "find" utility<br>  Managed by OS    : True<br> <br>  Path             : /usr/share/elasticsearch/jdk/<br>  Version          : 1.16.36<br>  Application      : AdoptOpenJDK<br>  Binary Location  : /usr/share/elasticsearch/jdk/bin/java<br>  Details          : This Java install appears to be AdoptOpenJDK, confirmed by evidence <br>                     in the binary (high confidence).<br>  Detection Method : "find" utility<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417238424" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417238424-container');" onmouseover="this.style.cursor='pointer'">130595 - Jenkins Installed (Linux)<div id="idp45188417238424-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417238424-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An open source automation server software is installed on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Jenkins, an open source automation server software, is installed on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417241496" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://jenkins.io/" target="_blank">https://jenkins.io/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2019/11/07, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /usr/share/java/jenkins.war<br>  Version : 2.387.1<br>  Edition : Open Source LTS<br>  LTS     : 1<br> <br>  Plugins :<br>    - Ant Plugin 481.v7b_09e538fcca<br>    - Bootstrap 5 API Plugin 5.2.2-2<br>    - Branch API Plugin 2.1071.v1a_188a_562481<br>    - Build Timeout 1.28<br>    - Caffeine API Plugin 2.9.3-65.v6a_47d0f4d1fe<br>    - Checks API plugin 2.0.0<br>    - Credentials Binding Plugin 523.vd859a_4b_122e6<br>    - Credentials Plugin 1224.vc23ca_a_9a_2cb_0<br>    - Display URL API 2.3.7<br>    - Durable Task Plugin 504.vb10d1ae5ba2f<br>    - ECharts API Plugin 5.4.0-3<br>    - Email Extension Plugin 2.95<br>    - Folders Plugin 6.815.v0dd5a_cb_40e0e<br>    - Font Awesome API Plugin 6.3.0-2<br>    - Git plugin 5.0.0<br>    - GitHub API Plugin 1.303-417.ve35d9dd78549<br>    - GitHub Branch Source Plugin 1703.vd5a_2b_29c6cdc<br>    - GitHub plugin 1.37.0<br>    - GitLab Plugin 1.7.9<br>    - Gradle Plugin 2.3.2<br>    - Instance Identity 142.v04572ca_5b_265<br>    - Ionicons API 45.vf54fca_5d2154<br>    - JAXB plugin 2.3.8-1<br>    - JQuery3 API Plugin 3.6.4-1<br>    - JUnit Plugin 1189.v1b_e593637fa_e<br>    - Jackson 2 API Plugin 2.14.2-319.v37853346a_229<br>    - Jakarta Activation API 2.0.1-3<br>    - Jakarta Mail API 2.0.1-3<br>    - Java JSON Web Token (JJWT) Plugin 0.11.5-77.v646c772fddb_0<br>    - JavaBeans Activation Framework (JAF) API 1.2.0-6<br>    - JavaMail API 1.6.2-9<br>    - Jenkins Apache HttpComponents Client 4.x API Plugin 4.5.14-150.v7a_b_9d17134a_5<br>    - Jenkins Git client plugin 4.2.0<br>    - Jenkins Mailer Plugin 448.v5b_97805e3767<br>    - Jenkins Workspace Cleanup Plugin 0.44<br>    - Jersey 2 API 2.39.1-1<br>    - LDAP Plugin 671.v2a_9192a_7419d<br>    - Localization Support Plugin 1.2<br>    - Localization: Chinese (Simplified) 1.0.24<br>    - Matrix Authorization Strategy Plugin 3.1.6<br>    - Matrix Project Plugin 785.v06b_7f47b_c631<br>    - Mina SSHD API :: Common 2.9.2-62.v199162f0a_2f8<br>    - Mina SSHD API :: Core 2.9.2-62.v199162f0a_2f8<br>    - OWASP Markup Formatter Plugin 159.v25b_c67cd35fb_<br>    - OkHttp Plugin 4.10.0-132.v7a_7b_91cef39c<br>    - PAM Authentication plugin 1.10<br>    - Pipeline 596.v8c21c963d92d<br>    - Pipeline Graph Analysis Plugin 202.va_d268e64deb_3<br>    - Pipeline: API 1208.v0cc7c6e0da_9e<br>    - Pipeline: Basic Steps 1010.vf7a_b_98e847c1<br>    - Pipeline: Build Step 487.va_823138eee8b_<br>    - Pipeline: Declarative 2.2125.vddb_a_44a_d605e<br>    - Pipeline: Declarative Extension Points API 2.2125.vddb_a_44a_d605e<br>    - Pipeline: GitHub Groovy Libraries 42.v0739460cda_c4<br>    - Pipeline: Groovy 3641.vf58904a_b_b_5d8<br>    - Pipeline: Groovy Libraries 629.vb_5627b_ee2104<br>    - Pipeline: Input Step 466.v6d0a_5df34f81<br>    - Pipeline: Job 1284.v2fe8ed4573d4<br>    - Pipeline: Milestone Step 111.v449306f708b_7<br>    - Pipeline: Model API 2.2125.vddb_a_44a_d605e<br>    - Pipeline: Multibranch 733.v109046189126<br>    - Pipeline: Nodes and Processes 1234.v019404b_3832a<br>    - Pipeline: REST API Plugin 2.32<br>    - Pipeline: SCM Step 408.v7d5b_135a_b_d49<br>    - Pipeline: Stage Step 305.ve96d0205c1c6<br>    - Pipeline: Stage Tags Metadata 2.2125.vddb_a_44a_d605e<br>    - Pipeline: Stage View Plugin 2.32<br>    - Pipeline: Step API 639.v6eca_cd8c04a_a_<br>    - Pipeline: Supporting APIs 839.v35e2736cfd5c<br>    - Plain Credentials Plugin 143.v1b_df8b_d3b_e48<br>    - Plugin Utilities API Plugin 3.2.0<br>    - Qy Wechat Notification Plugin 1.1.3<br>    - Resource Disposer Plugin 0.21<br>    - SCM API Plugin 631.v9143df5b_e4a_a<br>    - SSH Agent Plugin 327.v230ecd01f86f<br>    - SSH Build Agents plugin 2.877.v365f5eb_a_b_eec<br>    - SSH Credentials Plugin 305.v8f4381501156<br>    - SSH server 3.275.v9e17c10f2571<br>    - Script Security Plugin 1229.v4880b_b_e905a_6<br>    - SnakeYAML API Plugin 1.33-95.va_b_a_e3e47b_fa_4<br>    - Structs Plugin 324.va_f5d6774f3a_d<br>    - Timestamper 1.23<br>    - Token Macro Plugin 321.vd7cc1f2a_52c8<br>    - Trilead API Plugin 2.84.v72119de229b_7<br>    - Variant Plugin 59.vf075fe829ccb<br>    - bouncycastle API Plugin 2.27<br>    - commons-lang3 v3.x Jenkins API Plugin 3.12.0-36.vd97de6465d5b_<br>    - commons-text API Plugin 1.10.0-36.vc008c8fcda_7b_<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417291672" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417291672-container');" onmouseover="this.style.cursor='pointer'">151883 - Libgcrypt Installed (Linux/UNIX)<div id="idp45188417291672-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417291672-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Libgcrypt is installed on this host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Libgcrypt, a cryptography library, was found on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417294744" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://gnupg.org/download/index.html" target="_blank">https://gnupg.org/download/index.html</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/07/21, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus detected 2 installs of Libgcrypt:<br> <br>  Path    : /usr/lib64/libgcrypt.so.11.8.2<br>  Version : 1.5.3<br> <br>  Path    : /usr/lib64/libgcrypt.so.11<br>  Version : 1.5.3<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417302168" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417302168-container');" onmouseover="this.style.cursor='pointer'">157358 - Linux Mounted Devices<div id="idp45188417302168-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417302168-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Use system commands to obtain the list of mounted devices on the target machine at scan time.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Report the mounted devices information on the target machine at scan time using the following commands.<br>/bin/df -h /bin/lsblk /bin/mount -l<br> <br>This plugin only reports on the tools available on the system and omits any tool that did not return information when the command was ran.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/02/03, Modified: 2022/09/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">$ df -h<br>Filesystem      Size  Used Avail Use% Mounted on<br>devtmpfs        7.8G     0  7.8G   0% /dev<br>tmpfs           7.8G     0  7.8G   0% /dev/shm<br>tmpfs           7.8G   45M  7.8G   1% /run<br>tmpfs           7.8G     0  7.8G   0% /sys/fs/cgroup<br>/dev/sda2       200G  142G   58G  72% /<br>/dev/sda1       473M  169M  305M  36% /boot<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/380c0c1ea9337046f3d1a743f49c133daf629d5f6de738e7fd4e598020a156c2/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/aeee1d30764e4c6fec98fcccd9cce8be8084419748e5567983cc3b9d1bf5a71a/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/896be5f76cbdad1e9c820de6ed4ffd1f7147c91db7c8fd0ea2a40723eab5ff44/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/e862f6d9348799290ac3faa357dbf80ecce6c6b56fbe0e792b7c8d309c3a3a66/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/9cac60984ab943bd8aa533ef0b37446ba210ab55555fdfd187cb7c0e4f7065bb/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/8c423c5bcaeaac32a2c890679d391435fc43165b3d3307b61dabf05365ed3693/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/ee3c4899715af88295bea567589795fa593b804dd5f50cf07203b26f63ef51ef/merged<br>shm              64M     0   64M   0% /var/lib/docker/containers/37e59307341c2ae73828ff7826d23852a320f2d1bc033f95eae64c50b29bb38d/mounts/shm<br>shm              64M     0   64M   0% /var/lib/docker/containers/88854ca93fdc6cbc539fb746f2d461c8253e08d1bbeb68604866d3647168ebe6/mounts/shm<br>shm              64M     0   64M   0% /var/lib/docker/containers/faa51e572b870e89a0d9479fe6a5cfd39c523a3275b9f630c3507a3ca11d2b86/mounts/shm<br>shm              64M   16K   64M   1% /var/lib/docker/containers/44ada60e113a6cecd8b62300437bb8e79fc6a65c6dd2caa754b501f22587f978/mounts/shm<br>shm              64M     0   64M   0% /var/lib/docker/containers/30d89bf4c2655b84c7317a553a7cdc3e075e5c432a31df2219a20322d699011e/mounts/shm<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/b3eac2fa6323a38e606cfe77fc64a42a16cd7e37e55fc45d900eac74463ab88b/merged<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/0170c339ccc9d06a6fe2ce809ea1390a4103328dc448c81730d7560124e1ae8d/merged<br>shm              64M     0   64M   0% /var/lib/docker/containers/80afa781401ffe6e5a65049e2310c95a08e7c30d10257f57bd87f0ba9f4b81f8/mounts/shm<br>shm              64M     0   64M   0% /var/lib/docker/containers/b085cf3fb55a4abe8733c399742b09239ea9a0ace5d6140e67690887dedc1e36/mounts/shm<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/b2e1fb77fab586f69cf8ed1557d0ac38c944fc671631bee416563c48f3e99192/merged<br>shm              64M     0   64M   0% /var/lib/docker/containers/d5b3428e030fe7433ce6bfddb3300ee6f0d12690dac45608c67483809eb4a32d/mounts/shm<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/f02474db091ee640e014b407960e9e17c3c542a24f8fae81bfcf46f6059ed166/merged<br>shm              64M     0   64M   0% /var/lib/docker/containers/934e0f2e8d4c2f71b4b4134359081e80454b0d6f7ec46a049692c70a5abe2da3/mounts/shm<br>tmpfs           1.6G     0  1.6G   0% /run/user/0<br>overlay         200G  142G   58G  72% /var/lib/docker/overlay2/8c2b604de252f1ddbf597e16dfff7aa041f81b0185fbee61ceaa3faa23bd4c08/merged<br> <br> <br>$ lsblk<br>NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT<br>sda      8:0    0   200G  0 disk <br>├─sda1   8:1    0   476M  0 part /boot<br>└─sda2   8:2    0 199.5G  0 part /<br>sr0     11:0    1   918M  0 rom  <br> <br> <br>$ mount -l<br>sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)<br>proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)<br>devtmpfs on /dev type devtmpfs (rw,nosuid,size=8112976k,nr_inodes=2028244,mode=755)<br>securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)<br>tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)<br>devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)<br>tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)<br>tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)<br>cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)<br>pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)<br>cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)<br>cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)<br>cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)<br>cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)<br>cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)<br>cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)<br>cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)<br>cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_prio,net_cls)<br>cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)<br>cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)<br>configfs on /sys/kernel/config type configfs (rw,relatime)<br>/dev/sda2 on / type xfs (rw,relatime,attr2,inode64,noquota)<br>systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=22,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=15924)<br>debugfs on /sys/kernel/debug type debugfs (rw,relatime)<br>mqueue on /dev/mqueue type mqueue (rw,relatime)<br>hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)<br>/dev/sda1 on /boot type xfs (rw,relatime,attr2,inode64,noquota)<br>sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)<br>binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)<br>proc on /run/docker/netns/default type proc (rw,nosuid,nodev,noexec,relatime)<br>overlay on /var/lib/docker/overlay2/380c0c1ea9337046f3d1a743f49c133daf629d5f6de738e7fd4e598020a156c2/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/ZUM4VBRLONT2PTODKPNFZ3JKKA:/var/lib/docker/overlay2/l/ARAB2HEQNDQ6QXTKJZLRZWUGJH:/var/lib/docker/overlay2/l/XE2YJVXCCFRUMPDUMBVYBJQMJH:/var/lib/docker/overlay2/l/CV4TB6MLIYT7KWJVRFJLUNXB7L:/var/lib/docker/overlay2/l/RLB2LXH7WWX4J42KQQVKTEHEMV:/var/lib/docker/overlay2/l/M26FJUVR6B6OGAF3XSIJD6EZ5Y:/var/lib/docker/overlay2/l/3QY6GJUWZ47J4WBSF4VMNTAM7Y:/var/lib/docker/overlay2/l/UC5KBHEXEAEX5XXMQWH6FGMVVC:/var/lib/docker/overlay2/l/6XL65BKQAACBA2INNU72HBRT75:/var/lib/docker/overlay2/l/S5CDPJ4GGZ3UPQDQB4HPWQRJTM:/var/lib/docker/overlay2/l/K5YPPNO3H2CMTZCWO6ZGXDFN44:/var/lib/docker/overlay2/l/EAUSBPHRVFFDRUPKQ74YBO23YN:/var/lib/docker/overlay2/l/6LBNZE7UFFM6Q5CCOAMAZ2WF7E:/var/lib/docker/overlay2/l/4DBRF7LCCTO5NITWINWMTGMDFK:/var/lib/docker/overlay2/l/NXGMKAFE2TYUN6KRTKAFS73TIB:/var/lib/docker/overlay2/l/SJOASLK3MWOC2Y4ZHF6VOCHAAW:/var/lib/docker/overlay2/l/G3IA3T6VYFZZ5HGZQ6PLZAPJRJ:/var/lib/docker/overlay2/l/UO5DXBL46HOWNXAG7XCSFFK2MR:/var/lib/docker/overlay2/l/JIMK726NLVKEN5HNBWK2HQX77R:/var/lib/docker/overlay2/l/TVP54ZPIIADVMB7ICGXFAFVTAN:/var/lib/docker/overlay2/l/KE5T65DSBNKIWP6XUWXRXA3GUS:/var/lib/docker/overlay2/l/ZXYTBKXMQJ2I2WOXWBCQNAEOU2:/var/lib/docker/overlay2/l/BJMS7RIV3KD5RBJFCWQF72SXIZ:/var/lib/docker/overlay2/l/LXODCRDXJLN2FZEKB6BOLEZCQ4:/var/lib/docker/overlay2/l/6NZ42EVAGPRK5LCO2Q7TQLWYID:/var/lib/docker/overlay2/l/6I4OW2C33W47VEDVG6CR4QVEOV:/var/lib/docker/overlay2/l/FIEX6BGLNH3L2LCPI2DYQQHKLC:/var/lib/docker/overlay2/l/KHVYLVSZCUE27P2KESNHJFWOHQ:/var/lib/docker/overlay2/l/EZJORJNJCN7F4MG2F467AEJHW3,upperdir=/var/lib/docker/overlay2/380c0c1ea9337046f3d1a743f49c133daf629d5f6de738e7fd4e598020a156c2/diff,workdir=/var/lib/docker/overlay2/380c0c1ea9337046f3d1a743f49c133daf629d5f6de738e7fd4e598020a156c2/work)<br>overlay on /var/lib/docker/overlay2/aeee1d30764e4c6fec98fcccd9cce8be8084419748e5567983cc3b9d1bf5a71a/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/7QMOSALQQLYURGI4E6FWBVG5UR:/var/lib/docker/overlay2/l/YBDVHRFEJXBHJTHFKQVB4GWYFK:/var/lib/docker/overlay2/l/5E56JEANG3262XR3NYTBZG6TNY:/var/lib/docker/overlay2/l/OHMVN3TPFFRLZA5SDZU2HFLLPO:/var/lib/docker/overlay2/l/5SQ6GPJYDJN6CCFBAQLEWHUHTY:/var/lib/docker/overlay2/l/TGSKDAXCGWMTNGHKL4UBBX4SPF:/var/lib/docker/overlay2/l/K43LE7XDKDHTZLLEJ52HKMT4UM:/var/lib/docker/overlay2/l/YTIKLWO2EGB2T5JYMRPSQL2KKR:/var/lib/docker/overlay2/l/FVIMZQPKGJCEGKU6H3I6OFA6QC:/var/lib/docker/overlay2/l/5JE45WPSEOOCZC5CSR5WQ5DXWY:/var/lib/docker/overlay2/l/XDWSMWA7DWAOQWF7NMFWKK6253:/var/lib/docker/overlay2/l/VRMUF4MDO7X7ZIBPD4VIJPAA5I:/var/lib/docker/overlay2/l/4BVOHVZRZBCU7YIDLYZWVYRIYN:/var/lib/docker/overlay2/l/W7EVYTBY6VRBQ7EO3O2RVEWT47:/var/lib/docker/overlay2/l/EZJORJNJCN7F4MG2F467AEJHW3,upperdir=/var/lib/docker/overlay2/aeee1d30764e4c6fec98fcccd9cce8be8084419748e5567983cc3b9d1bf5a71a/diff,workdir=/var/lib/docker/overlay2/aeee1d30764e4c6fec98fcccd9cce8be8084419748e5567983cc3b9d1bf5a71a/work)<br>overlay on /var/lib/docker/overlay2/896be5f76cbdad1e9c820de6ed4ffd1f7147c91db7c8fd0ea2a40723eab5ff44/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/A3PKGP2MEMPIU6HNAZDYJ23LAV:/var/lib/docker/overlay2/l/ARAB2HEQNDQ6QXTKJZLRZWUGJH:/var/lib/docker/overlay2/l/XE2YJVXCCFRUMPDUMBVYBJQMJH:/var/lib/docker/overlay2/l/CV4TB6MLIYT7KWJVRFJLUNXB7L:/var/lib/docker/overlay2/l/RLB2LXH7WWX4J42KQQVKTEHEMV:/var/lib/docker/overlay2/l/M26FJUVR6B6OGAF3XSIJD6EZ5Y:/var/lib/docker/overlay2/l/3QY6GJUWZ47J4WBSF4VMNTAM7Y:/var/lib/docker/overlay2/l/UC5KBHEXEAEX5XXMQWH6FGMVVC:/var/lib/docker/overlay2/l/6XL65BKQAACBA2INNU72HBRT75:/var/lib/docker/overlay2/l/S5CDPJ4GGZ3UPQDQB4HPWQRJTM:/var/lib/docker/overlay2/l/K5YPPNO3H2CMTZCWO6ZGXDFN44:/var/lib/docker/overlay2/l/EAUSBPHRVFFDRUPKQ74YBO23YN:/var/lib/docker/overlay2/l/6LBNZE7UFFM6Q5CCOAMAZ2WF7E:/var/lib/docker/overlay2/l/4DBRF7LCCTO5NITWINWMTGMDFK:/var/lib/docker/overlay2/l/NXGMKAFE2TYUN6KRTKAFS73TIB:/var/lib/docker/overlay2/l/SJOASLK3MWOC2Y4ZHF6VOCHAAW:/var/lib/docker/overlay2/l/G3IA3T6VYFZZ5HGZQ6PLZAPJRJ:/var/lib/docker/overlay2/l/UO5DXBL46HOWNXAG7XCSFFK2MR:/var/lib/docker/overlay2/l/JIMK726NLVKEN5HNBWK2HQX77R:/var/lib/docker/overlay2/l/TVP54ZPIIADVMB7ICGXFAFVTAN:/var/lib/docker/overlay2/l/KE5T65DSBNKIWP6XUWXRXA3GUS:/var/lib/docker/overlay2/l/ZXYTBKXMQJ2I2WOXWBCQNAEOU2:/var/lib/docker/overlay2/l/BJMS7RIV3KD5RBJFCWQF72SXIZ:/var/lib/docker/overlay2/l/LXODCRDXJLN2FZEKB6BOLEZCQ4:/var/lib/docker/overlay2/l/6NZ42EVAGPRK5LCO2Q7TQLWYID:/var/lib/docker/overlay2/l/6I4OW2C33W47VEDVG6CR4QVEOV:/var/lib/docker/overlay2/l/FIEX6BGLNH3L2LCPI2DYQQHKLC:/var/lib/docker/overlay2/l/KHVYLVSZCUE27P2KESNHJFWOHQ:/var/lib/docker/overlay2/l/EZJORJNJCN7F4MG2F467AEJHW3,upperdir=/var/lib/docker/overlay2/896be5f76cbdad1e9c820de6ed4ffd1f7147c91db7c8fd0ea2a40723eab5ff44/diff,workdir=/var/lib/docker/overlay2/896be5f76cbdad1e9c820de6ed4ffd1f7147c91db7c8fd0ea2a40723eab5ff44/work)<br>overlay on /var/lib/docker/overlay2/e862f6d9348799290ac3faa357dbf80ecce6c6b56fbe0e792b7c8d309c3a3a66/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/D6MYGL6ZS3Q5JHIPYH2MMUQFJU:/var/lib/docker/overlay2/l/75HO7CDTDII3KHDTCSKFALSJRM:/var/lib/docker/overlay2/l/YZIOLNUBYSR4LWL3NN3ZJYH6BW:/var/lib/docker/overlay2/l/75KURECPBP4C45X3FE4RDSOTR7:/var/lib/docker/overlay2/l/CFHW4SM7LI2MGMYOLPG3FK4ZGT:/var/lib/docker/overlay2/l/PNERMLBQKK6IORNCNZ2CY4H7YT:/var/lib/docker/overlay2/l/POSEQFCRZ45IYEWYPFUVML23JV:/var/lib/docker/overlay2/l/EMYWR7QRQXWZZILXXUGGGHF26G:/var/lib/docker/overlay2/l/UYUBYTDNHE3YVNRC3Q2URQ2ID7:/var/lib/docker/overlay2/l/XTXP26X6A2S6OPUMNP6ZHSSTWJ:/var/lib/docker/overlay2/l/PVUBOTBDZTNV7I74XEWWVUO5KS:/var/lib/docker/overlay2/l/CS7QH355FALOJQWN46REDQYJA7:/var/lib/docker/overlay2/l/227JXTPRWRZ4BNE45CED2C7EGM:/var/lib/docker/overlay2/l/QTAQW3LWZXX4AQMCFQVMRHUZJE,upperdir=/var/lib/docker/overlay2/e862f6d9348799290ac3faa357dbf80ecce6c6b56fbe0e792b7c8d309c3a3a66/diff,workdir=/var/lib/docker/overlay2/e862f6d9348799290ac3faa357dbf80ecce6c6b56fbe0e792b7c8d309c3a3a66/work)<br>overlay on /var/lib/docker/overlay2/9cac60984ab943bd8aa533ef0b37446ba210ab55555fdfd187cb7c0e4f7065bb/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/T52YNW3OOHIGPLXQOBQLBQXGG4:/var/lib/docker/overlay2/l/ARAB2HEQNDQ6QXTKJZLRZWUGJH:/var/lib/docker/overlay2/l/XE2YJVXCCFRUMPDUMBVYBJQMJH:/var/lib/docker/overlay2/l/CV4TB6MLIYT7KWJVRFJLUNXB7L:/var/lib/docker/overlay2/l/RLB2LXH7WWX4J42KQQVKTEHEMV:/var/lib/docker/overlay2/l/M26FJUVR6B6OGAF3XSIJD6EZ5Y:/var/lib/docker/overlay2/l/3QY6GJUWZ47J4WBSF4VMNTAM7Y:/var/lib/docker/overlay2/l/UC5KBHEXEAEX5XXMQWH6FGMVVC:/var/lib/docker/overlay2/l/6XL65BKQAACBA2INNU72HBRT75:/var/lib/docker/overlay2/l/S5CDPJ4GGZ3UPQDQB4HPWQRJTM:/var/lib/docker/overlay2/l/K5YPPNO3H2CMTZCWO6ZGXDFN44:/var/lib/docker/overlay2/l/EAUSBPHRVFFDRUPKQ74YBO23YN:/var/lib/docker/overlay2/l/6LBNZE7UFFM6Q5CCOAMAZ2WF7E:/var/lib/docker/overlay2/l/4DBRF7LCCTO5NITWINWMTGMDFK:/var/lib/docker/overlay2/l/NXGMKAFE2TYUN6KRTKAFS73TIB:/var/lib/docker/overlay2/l/SJOASLK3MWOC2Y4ZHF6VOCHAAW:/var/lib/docker/overlay2/l/G3IA3T6VYFZZ5HGZQ6PLZAPJRJ:/var/lib/docker/overlay2/l/UO5DXBL46HOWNXAG7XCSFFK2MR:/var/lib/docker/overlay2/l/JIMK726NLVKEN5HNBWK2HQX77R:/var/lib/docker/overlay2/l/TVP54ZPIIADVMB7ICGXFAFVTAN:/var/lib/docker/overlay2/l/KE5T65DSBNKIWP6XUWXRXA3GUS:/var/lib/docker/overlay2/l/ZXYTBKXMQJ2I2WOXWBCQNAEOU2:/var/lib/docker/overlay2/l/BJMS7RIV3KD5RBJFCWQF72SXIZ:/var/lib/docker/overlay2/l/LXODCRDXJLN2FZEKB6BOLEZCQ4:/var/lib/docker/overlay2/l/6NZ42EVAGPRK5LCO2Q7TQLWYID:/var/lib/docker/overlay2/l/6I4OW2C33W47VEDVG6CR4QVEOV:/var/lib/docker/overlay2/l/FIEX6BGLNH3L2LCPI2DYQQHKLC:/var/lib/docker/overlay2/l/KHVYLVSZCUE27P2KESNHJFWOHQ:/var/lib/docker/overlay2/l/EZJORJNJCN7F4MG2F467AEJHW3,upperdir=/var/lib/docker/overlay2/9cac60984ab943bd8aa533ef0b37446ba210ab55555fdfd187cb7c0e4f7065bb/diff,workdir=/var/lib/docker/overlay2/9cac60984ab943bd8aa533ef0b37446ba210ab55555fdfd187cb7c0e4f7065bb/work)<br>overlay on /var/lib/docker/overlay2/8c423c5bcaeaac32a2c890679d391435fc43165b3d3307b61dabf05365ed3693/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/7BSD3Q3GL4HR7A7J3LWJB6LYIF:/var/lib/docker/overlay2/l/5BINLD27Y3K7B7WRA6LSB6FEK4:/var/lib/docker/overlay2/l/K3N74BJZZ2ZY7GAQQWRNURBJQS:/var/lib/docker/overlay2/l/P26ZB7ZKEVVFEN2QYWX66XASRQ:/var/lib/docker/overlay2/l/VRU2FVIGI7E35PIA7ATOMA46LA:/var/lib/docker/overlay2/l/N63BRRI2FSGCY4XSMXUGURYIAZ:/var/lib/docker/overlay2/l/34MTAMN2JT5UG6FVMFKGIYTGN7:/var/lib/docker/overlay2/l/VXZAGNBOUYNI42QTVBBAFQQLSC:/var/lib/docker/overlay2/l/AJADTH6DJEPUZB4RIITY4HE7ZF:/var/lib/docker/overlay2/l/KBQXZCOPURNAFYS3UHTGZOSVFX:/var/lib/docker/overlay2/l/LLCFZ6FGJ644DLA3ORAKIF7GIE:/var/lib/docker/overlay2/l/V52MKWWY543O7WHJCR5MS5VYQ7:/var/lib/docker/overlay2/l/BDOQPSQ522AAIJQFXMKKKOPTUN:/var/lib/docker/overlay2/l/57LTNLVM22TDZMQY72HKJJIGNY:/var/lib/docker/overlay2/l/JA35TU5PJDMUWK5SGGU4FCI62X:/var/lib/docker/overlay2/l/5LZ7SVJOVTBPSWB5I2NJWCHZJI:/var/lib/docker/overlay2/l/4CK2NJFPVLG6FQ2OOB4SJTGQLK:/var/lib/docker/overlay2/l/SV33F7NGLA2RQEZSPRCFJBASC3:/var/lib/docker/overlay2/l/FNM2HIUMNLEX3K2F5CC7OGOI7L,upperdir=/var/lib/docker/overlay2/8c423c5bcaeaac32a2c890679d391435fc43165b3d3307b61dabf05365ed3693/diff,workdir=/var/lib/docker/overlay2/8c423c5bcaeaac32a2c890679d391435fc43165b3d3307b61dabf05365ed3693/work)<br>overlay on /var/lib/docker/overlay2/ee3c4899715af88295bea567589795fa593b804dd5f50cf07203b26f63ef51ef/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/YKVULSTG4JC57T3CMFCJEC3GOE:/var/lib/docker/overlay2/l/J6FZJICBMUT3GFRF563NICS6TR:/var/lib/docker/overlay2/l/TT7WENTUGLWOVSGVCFW6LKPSLH:/var/lib/docker/overlay2/l/3NBAN3R7AJLWWWK2SUZQSC3A4Y:/var/lib/docker/overlay2/l/2YJXQKEWJUHUEF2ILEH625FBPD:/var/lib/docker/overlay2/l/OHQW6H2UBDCB7R645DRTFWYO77:/var/lib/docker/overlay2/l/MCXGJ2EG2CFQUCYFXE74X7ZO3D:/var/lib/docker/overlay2/l/YWTRSXAM7F6AKCQ3B5LOLL6UMX:/var/lib/docker/overlay2/l/HDJRDLGUREZ65M5YRZU2XE7UEH:/var/lib/docker/overlay2/l/HNEI5PKFRIWAA2Y264E2TM5ZHA,upperdir=/var/lib/docker/overlay2/ee3c4899715af88295bea567589795fa593b804dd5f50cf07203b26f63ef51ef/diff,workdir=/var/lib/docker/overlay2/ee3c4899715af88295bea567589795fa593b804dd5f50cf07203b26f63ef51ef/work)<br>shm on /var/lib/docker/containers/37e59307341c2ae73828ff7826d23852a320f2d1bc033f95eae64c50b29bb38d/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>shm on /var/lib/docker/containers/88854ca93fdc6cbc539fb746f2d461c8253e08d1bbeb68604866d3647168ebe6/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>shm on /var/lib/docker/containers/faa51e572b870e89a0d9479fe6a5cfd39c523a3275b9f630c3507a3ca11d2b86/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>proc on /run/docker/netns/678bfaf8be86 type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/d56194a5dd38 type proc (rw,nosuid,nodev,noexec,relatime)<br>shm on /var/lib/docker/containers/44ada60e113a6cecd8b62300437bb8e79fc6a65c6dd2caa754b501f22587f978/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>shm on /var/lib/docker/containers/30d89bf4c2655b84c7317a553a7cdc3e075e5c432a31df2219a20322d699011e/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>proc on /run/docker/netns/88fc465820ed type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/901b3eedaed8 type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/826d72cf0055 type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/3af7b45ac0bb type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/5425825594f2 type proc (rw,nosuid,nodev,noexec,relatime)<br>overlay on /var/lib/docker/overlay2/b3eac2fa6323a38e606cfe77fc64a42a16cd7e37e55fc45d900eac74463ab88b/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/QBMKGM5UV2GRINJ6PWWANBNFRX:/var/lib/docker/overlay2/l/XXMPSDZML7S7Z7TC2YQHVN5RBR:/var/lib/docker/overlay2/l/7QW6WTHDDVN54M6HPLW4LQPISA:/var/lib/docker/overlay2/l/CEVSUTIOO2Q657TRZRET3JS6RN:/var/lib/docker/overlay2/l/5V57ISLC4J77Y7LE3IATL5PAPM:/var/lib/docker/overlay2/l/NMMZXZNMINUTJYXJ26IDSOVCDN:/var/lib/docker/overlay2/l/J7EHJH32BVWC7QN2LYZ2NP4YZR:/var/lib/docker/overlay2/l/D2ZWFVVREFZYUOL2EEAGNORCP3:/var/lib/docker/overlay2/l/7N4GUWZKD26745QPRGXV6HXAIN:/var/lib/docker/overlay2/l/B4TBCRMLTTX774GSNP2UGKLGDA:/var/lib/docker/overlay2/l/4I6J7AH3EQ7Q6EKU2R5ROWQKI6:/var/lib/docker/overlay2/l/4CUFWKTBZGWBKD2RU5DDZMSJVB:/var/lib/docker/overlay2/l/KUY27KND3TXDA5PBS2HUZGXRIQ,upperdir=/var/lib/docker/overlay2/b3eac2fa6323a38e606cfe77fc64a42a16cd7e37e55fc45d900eac74463ab88b/diff,workdir=/var/lib/docker/overlay2/b3eac2fa6323a38e606cfe77fc64a42a16cd7e37e55fc45d900eac74463ab88b/work)<br>overlay on /var/lib/docker/overlay2/0170c339ccc9d06a6fe2ce809ea1390a4103328dc448c81730d7560124e1ae8d/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/6PADFUMCPWYEKKMLE7FPJAOQQO:/var/lib/docker/overlay2/l/JCZVWCH4LDQ5PWSGHVXPKQLAZR:/var/lib/docker/overlay2/l/33HIFXXOKTCYATE72JXYACHZ7A:/var/lib/docker/overlay2/l/5H3SGXGSQNU6TIFJNQXBQLK62U:/var/lib/docker/overlay2/l/XASNWS3FRY6IUVERXKWIMNQDB5:/var/lib/docker/overlay2/l/K4RE6FPPQXKBPERXRTT73CKX4B:/var/lib/docker/overlay2/l/ZXLN5RHSZPNDD27G3PNNFHYBOB,upperdir=/var/lib/docker/overlay2/0170c339ccc9d06a6fe2ce809ea1390a4103328dc448c81730d7560124e1ae8d/diff,workdir=/var/lib/docker/overlay2/0170c339ccc9d06a6fe2ce809ea1390a4103328dc448c81730d7560124e1ae8d/work)<br>shm on /var/lib/docker/containers/80afa781401ffe6e5a65049e2310c95a08e7c30d10257f57bd87f0ba9f4b81f8/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>shm on /var/lib/docker/containers/b085cf3fb55a4abe8733c399742b09239ea9a0ace5d6140e67690887dedc1e36/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>proc on /run/docker/netns/aedd61f62269 type proc (rw,nosuid,nodev,noexec,relatime)<br>proc on /run/docker/netns/b9259c0ac9e6 type proc (rw,nosuid,nodev,noexec,relatime)<br>overlay on /var/lib/docker/overlay2/b2e1fb77fab586f69cf8ed1557d0ac38c944fc671631bee416563c48f3e99192/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/B4FU4MMUPRD3N2I66RDDAOGBRX:/var/lib/docker/overlay2/l/MSQLTCSHJNJ2EU42W5F7LLVH34:/var/lib/docker/overlay2/l/76M7KUSO6U3ZRA6BZT5ZJ5XJMD:/var/lib/docker/overlay2/l/GBNXIP2GZR2QXUVVKJFKMQKXZU:/var/lib/docker/overlay2/l/XTIPVU2YTOSZGKQTRYIO5DOJ7Q:/var/lib/docker/overlay2/l/Y3G3GO3FTM6CCLICRDC3YBYRA7:/var/lib/docker/overlay2/l/MF3QGKO6Y4UALM5IKS6JOYYJH4:/var/lib/docker/overlay2/l/NC5MYXAWUSC6AOZSGLKUULKRXL:/var/lib/docker/overlay2/l/XUYSLV5ORGYAHBZ3UBTLB4S457:/var/lib/docker/overlay2/l/7LKC4VHM7XJGXNV6WEPQHKWCXD:/var/lib/docker/overlay2/l/HXHRKCIFNDKGUNKCRBRBD7AU74:/var/lib/docker/overlay2/l/BLGNMBVKSMZQKH6ORDQ3ZF32ZC,upperdir=/var/lib/docker/overlay2/b2e1fb77fab586f69cf8ed1557d0ac38c944fc671631bee416563c48f3e99192/diff,workdir=/var/lib/docker/overlay2/b2e1fb77fab586f69cf8ed1557d0ac38c944fc671631bee416563c48f3e99192/work)<br>shm on /var/lib/docker/containers/d5b3428e030fe7433ce6bfddb3300ee6f0d12690dac45608c67483809eb4a32d/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>proc on /run/docker/netns/6306d296c9ac type proc (rw,nosuid,nodev,noexec,relatime)<br>overlay on /var/lib/docker/overlay2/f02474db091ee640e014b407960e9e17c3c542a24f8fae81bfcf46f6059ed166/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/D5O55ABSMJEELHLQRWO5SVAZJ5:/var/lib/docker/overlay2/l/AXPEJBGS4YGXEAA2Y7XFTZYLMU:/var/lib/docker/overlay2/l/XMGP6CDOBZ6FB7XS3HQQWFLGZW:/var/lib/docker/overlay2/l/Y6LAFLBSASGRQDS4JP7MJ4CFCJ:/var/lib/docker/overlay2/l/OCYSQBAAZNLKVDG3MHECKYTKQH:/var/lib/docker/overlay2/l/XDDMHKSKFVWDHSOVRJ3LCVWECQ:/var/lib/docker/overlay2/l/2P5QSOBSXXGZ7ZIVVKV3EC6YUW:/var/lib/docker/overlay2/l/B57JALLHQL27N2ALVU4JPTBHMD:/var/lib/docker/overlay2/l/RWKK26BJBZQOKVO6OTDMIEBFII,upperdir=/var/lib/docker/overlay2/f02474db091ee640e014b407960e9e17c3c542a24f8fae81bfcf46f6059ed166/diff,workdir=/var/lib/docker/overlay2/f02474db091ee640e014b407960e9e17c3c542a24f8fae81bfcf46f6059ed166/work)<br>shm on /var/lib/docker/containers/934e0f2e8d4c2f71b4b4134359081e80454b0d6f7ec46a049692c70a5abe2da3/mounts/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)<br>proc on /run/docker/netns/e771022302f7 type proc (rw,nosuid,nodev,noexec,relatime)<br>tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=1624736k,mode=700)<br>overlay on /var/lib/docker/overlay2/8c2b604de252f1ddbf597e16dfff7aa041f81b0185fbee61ceaa3faa23bd4c08/merged type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/47PNPGFQIVUFF3RFC45BVP2AAS:/var/lib/docker/overlay2/l/N7YULHCMMZOK5DES34UQU6X4DD:/var/lib/docker/overlay2/l/YM6VJPWB4ZSMAMQ3GV526QQ7VP,upperdir=/var/lib/docker/overlay2/8c2b604de252f1ddbf597e16dfff7aa041f81b0185fbee61ceaa3faa23bd4c08/diff,workdir=/var/lib/docker/overlay2/8c2b604de252f1ddbf597e16dfff7aa041f81b0185fbee61ceaa3faa23bd4c08/work)<br>proc on /run/docker/netns/7befe01b86b4 type proc (rw,nosuid,nodev,noexec,relatime)<br> <br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417345304" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417345304-container');" onmouseover="this.style.cursor='pointer'">95928 - Linux User List Enumeration<div id="idp45188417345304-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417345304-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to enumerate local users and groups on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2016/12/19, Modified: 2023/02/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>----------[ User Accounts ]----------<br> <br>----------[ System Accounts ]----------<br> <br>User         : root<br>Home folder  : /root<br>Start script : /bin/bash<br>Groups       : root<br> <br>User         : bin<br>Home folder  : /bin<br>Start script : /sbin/nologin<br>Groups       : bin<br> <br>User         : daemon<br>Home folder  : /sbin<br>Start script : /sbin/nologin<br>Groups       : daemon<br> <br>User         : adm<br>Home folder  : /var/adm<br>Start script : /sbin/nologin<br>Groups       : adm<br> <br>User         : lp<br>Home folder  : /var/spool/lpd<br>Start script : /sbin/nologin<br>Groups       : lp<br> <br>User         : sync<br>Home folder  : /sbin<br>Start script : /bin/sync<br>Groups       : root<br> <br>User         : shutdown<br>Home folder  : /sbin<br>Start script : /sbin/shutdown<br>Groups       : root<br> <br>User         : halt<br>Home folder  : /sbin<br>Start script : /sbin/halt<br>Groups       : root<br> <br>User         : mail<br>Home folder  : /var/spool/mail<br>Start script : /sbin/nologin<br>Groups       : mail<br> <br>User         : operator<br>Home folder  : /root<br>Start script : /sbin/nologin<br>Groups       : root<br> <br>User         : games<br>Home folder  : /usr/games<br>Start script : /sbin/nologin<br>Groups       : users<br> <br>User         : ftp<br>Home folder  : /var/ftp<br>Start script : /sbin/nologin<br>Groups       : ftp<br> <br>User         : nobody<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : nobody<br> <br>User         : systemd-network<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : systemd-network<br> <br>User         : dbus<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : dbus<br> <br>User         : polkitd<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : polkitd<br> <br>User         : sshd<br>Home folder  : /var/empty/sshd<br>Start script : /sbin/nologin<br>Groups       : sshd<br> <br>User         : postfix<br>Home folder  : /var/spool/postfix<br>Start script : /sbin/nologin<br>Groups       : mail<br>               postfix<br> <br>User         : tss<br>Home folder  : /dev/null<br>Start script : /sbin/nologin<br>Groups       : tss<br> <br>User         : cockpit-ws<br>Home folder  : /nonexisting<br>Start script : /sbin/nologin<br>Groups       : cockpit-ws<br> <br>User         : unbound<br>Home folder  : /etc/unbound<br>Start script : /sbin/nologin<br>Groups       : unbound<br> <br>User         : rpc<br>Home folder  : /var/lib/rpcbind<br>Start script : /sbin/nologin<br>Groups       : rpc<br> <br>User         : gluster<br>Home folder  : /run/gluster<br>Start script : /sbin/nologin<br>Groups       : gluster<br> <br>User         : saslauth<br>Home folder  : /run/saslauthd<br>Start script : /sbin/nologin<br>Groups       : saslauth<br> <br>User         : radvd<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : radvd<br> <br>User         : rpcuser<br>Home folder  : /var/lib/nfs<br>Start script : /sbin/nologin<br>Groups       : rpcuser<br> <br>User         : nfsnobody<br>Home folder  : /var/lib/nfs<br>Start script : /sbin/nologin<br>Groups       : nfsnobody<br> <br>User         : qemu<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : kvm<br>               qemu<br> <br>User         : libvirtdbus<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : libvirtdbus<br> <br>User         : tcpdump<br>Home folder  : /<br>Start script : /sbin/nologin<br>Groups       : tcpdump<br> <br>User         : jenkins<br>Home folder  : /var/lib/jenkins<br>Start script : /bin/false<br>Groups       : jenkins<br> <br>User         : ntp<br>Home folder  : /etc/ntp<br>Start script : /sbin/nologin<br>Groups       : ntp<br> <br>User         : elasticsearch<br>Home folder  : /nonexistent<br>Start script : /sbin/nologin<br>Groups       : elasticsearch<br> <br>User         : suricata<br>Home folder  : /home/suricata<br>Start script : /sbin/nologin<br>Groups       : suricata<br> <br>User         : mssql<br>Home folder  : /var/opt/mssql<br>Start script : /bin/bash<br>Groups       : mssql<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417423256" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417423256-container');" onmouseover="this.style.cursor='pointer'">45433 - Memory Information (via DMI)<div id="idp45188417423256-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417423256-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Information about the remote system's memory devices can be read.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the SMBIOS (aka DMI) interface, it was possible to retrieve information about the remote system's memory devices, such as the total amount of installed memory.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/04/06, Modified: 2018/03/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Total memory : 16384 MB<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417434648" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417434648-container');" onmouseover="this.style.cursor='pointer'">179481 - Microsoft ODBC Driver For SQL Server Installed (Linux)<div id="idp45188417434648-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417434648-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Microsoft ODBC Driver for SQL Server was detected on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Microsoft ODBC Driver for SQL Server was detected on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417437720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?3e257554" target="_blank">http://www.nessus.org/u?3e257554</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/08/08, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /opt/microsoft/msodbcsql17<br>  Version : 17.10.4.1<br>  Product : Microsoft ODBC Driver for SQL Server<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417444120" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417444120-container');" onmouseover="this.style.cursor='pointer'">19506 - Nessus Scan Information<div id="idp45188417444120-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417444120-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays information about the Nessus scan.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays, for each tested host, information about the scan itself :<br> <br>  - The version of the plugin set.<br>  - The type of scanner (Nessus or Nessus Home).<br>  - The version of the Nessus Engine.<br>  - The port scanner(s) used.<br>  - The port range scanned.<br>  - The ping round trip time <br>  - Whether credentialed or third-party patch management     checks are possible.<br>  - Whether the display of superseded patches is enabled<br>  - The date of the scan.<br>  - The duration of the scan.<br>  - The number of hosts scanned in parallel.<br>  - The number of checks done in parallel.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2005/08/26, Modified: 2023/07/31<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Information about this scan : <br> <br>Nessus version : 10.2.0<br>Nessus build : 20075<br>Plugin feed version : 202309070210<br>Scanner edition used : Nessus<br>Scanner OS : LINUX<br>Scanner distribution : ubuntu1110-x86-64<br>Scan type : Normal<br>Scan name : test<br>Scan policy used : Advanced Scan<br>Scanner IP : 60.0.0.4<br>Port scanner(s) : netstat <br>Port range : default<br>Ping RTT : 15.423 ms<br>Thorough tests : no<br>Experimental tests : no<br>Plugin debugging enabled : no<br>Paranoia level : 1<br>Report verbosity : 1<br>Safe checks : yes<br>Optimize the test : yes<br>Credentialed checks : yes, as 'root' via ssh<br>Attempt Least Privilege : no<br>Patch management checks : None<br>Display superseded patches : yes (supersedence plugin launched)<br>CGI scanning : disabled<br>Web application tests : disabled<br>Max hosts : 100<br>Max checks : 5<br>Recv timeout : 5<br>Backports : None<br>Allow post-scan editing : Yes<br>Nessus Plugin Signature Checking : Enabled<br>Audit File Signature Checking : Disabled<br>Scan Start Date : 2023/9/18 11:09 CST<br>Scan duration : 1050 sec<br>Scan for malware : no<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417476376" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417476376-container');" onmouseover="this.style.cursor='pointer'">10147 - Nessus Server Detection<div id="idp45188417476376-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417476376-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A Nessus daemon is listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A Nessus daemon is listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417479448" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/products/nessus/nessus-professional" target="_blank">https://www.tenable.com/products/nessus/nessus-professional</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Ensure that the remote Nessus installation has been authorized.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188417483160" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0673</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/10/12, Modified: 2023/02/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL          : https://172.16.187.220:8834/<br>  Version      : 10.1.2<br>  NASL Version : 19.1.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416763032" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416763032-container');" onmouseover="this.style.cursor='pointer'">64582 - Netstat Connection Information<div id="idp45188416763032-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416763032-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to parse the results of the 'netstat' command on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host has listening ports or established connections that Nessus was able to extract from the results of the 'netstat' command.<br> <br>Note: The output for this plugin can be very long, and is not shown by default. To display it, enable verbose reporting in scan settings.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2013/02/13, Modified: 2023/05/23<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416770200" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416770200-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416770200-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416770200-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416774424" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 22/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417488792" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417488792-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417488792-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417488792-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417493016" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/53</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 53/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416638616" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416638616-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416638616-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416638616-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416642840" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/53</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 53/udp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416648600" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416648600-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416648600-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416648600-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417512984" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/67</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 67/udp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417518744" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417518744-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417518744-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417518744-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417527064" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/80/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 80/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417532824" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417532824-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417532824-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417532824-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417537048" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 111/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417542808" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417542808-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417542808-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417542808-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417559320" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 111/udp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416487832" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416487832-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416487832-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416487832-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416496152" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/879</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 879/udp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416501912" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416501912-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416501912-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416501912-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188416506136" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 3443/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416524184" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416524184-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188416524184-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416524184-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417564696" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 5003/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417570456" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417570456-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417570456-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417570456-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417574680" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 8834/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417580440" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417580440-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417580440-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417580440-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417584664" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 9090/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417590424" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417590424-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417590424-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417590424-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417594648" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 9999/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417612696" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417612696-container');" onmouseover="this.style.cursor='pointer'">14272 - Netstat Portscanner (SSH)<div id="idp45188417612696-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417612696-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remote open ports can be enumerated via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'.<br> <br>See the section 'plugins options' about configuring this plugin.<br> <br>Note: This plugin will run on Windows (using netstat.exe) in the event that the target being scanned is localhost.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417616920" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Netstat" target="_blank">https://en.wikipedia.org/wiki/Netstat</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2004/08/15, Modified: 2023/05/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Port 51371/tcp was found to be open<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417626776" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417626776-container');" onmouseover="this.style.cursor='pointer'">11936 - OS Identification<div id="idp45188417626776-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417626776-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It is possible to guess the remote operating system.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2003/12/09, Modified: 2022/03/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Remote operating system : Linux Kernel 3.10.0-1160.88.1.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)<br>Confidence level : 100<br>Method : LinuxDistribution<br> <br>Not all fingerprints could give a match. If you think some or all of<br>the following could be used to identify the host's operating system,<br>please email them to os-signatures@nessus.org. Be sure to include a<br>brief description of the host itself, such as the actual operating<br>system or product / model names.<br> <br>SSH:!:SSH-2.0-OpenSSH_8.6<br>uname:Linux kubespray 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux<br> <br>HTTP:!:Server: nginx/1.19.9<br> <br>SinFP:!:<br>   P1:B10113:F0x12:W29200:O0204ffff:M1460:<br>   P2:B10113:F0x12:W28960:O0204ffff0402080affffffff4445414401030307:M1460:<br>   P3:B00000:F0x00:W0:O0:M0<br>   P4:190200_7_p=3443R<br>SSLcert:!:i/CN:127.0.0.1i/O:Example Inc.i/OU:Web Securitys/CN:127.0.0.1s/O:Example Inc.s/OU:Web Security<br>63b0bc603d243d93706d370d971451bafc5ae5e6<br>i/CN:Nessus Certification Authorityi/O:Nessus Users Unitedi/OU:Nessus Certification Authoritys/CN:kubesprays/O:Nessus Users Uniteds/OU:Nessus Server<br>7eac1e62894f3f29e04dfe581792ce43a354738f<br> <br> <br> <br>The remote host is running Linux Kernel 3.10.0-1160.88.1.el7.x86_64 on CentOS Linux release 7.9.2009 (Core)<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417657496" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417657496-container');" onmouseover="this.style.cursor='pointer'">97993 - OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)<div id="idp45188417657496-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417657496-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Information about the remote host can be disclosed via an authenticated session.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to login to the remote host using SSH or local commands and extract the list of installed packages.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2017/05/30, Modified: 2023/04/05<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>It was possible to log into the remote host via SSH using 'password' authentication.<br> <br>The output of "uname -a" is :<br>Linux kubespray 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux<br> <br>Local checks have been enabled for this host.<br>The remote CentOS system is :<br>CentOS Linux release 7.9.2009 (Core)<br> <br>OS Security Patch Assessment is available for this host.<br>Runtime : 10.80916 seconds<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417667608" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417667608-container');" onmouseover="this.style.cursor='pointer'">117887 - OS Security Patch Assessment Available<div id="idp45188417667608-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417667608-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to log in to the remote host using the provided credentials and enumerate OS security patch levels.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to determine OS security patch levels by logging into the remote host and running commands to determine the version of the operating system and its components.  The remote host was identified as an operating system or device that Nessus supports for patch and update assessment.  The necessary information was obtained to perform these checks.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188417672856" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVB:0001-B-0516</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/10/02, Modified: 2021/07/12<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">OS Security Patch Assessment is available.<br> <br>Account  : root<br>Protocol : SSH<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417681688" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417681688-container');" onmouseover="this.style.cursor='pointer'">148373 - OpenJDK Java Detection (Linux / Unix)<div id="idp45188417681688-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417681688-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A distribution of Java is installed on the remote Linux / Unix host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">One or more instances of OpenJDK Java are installed on the remote host.  This may include private JREs bundled with the Java Development Kit (JDK).<br> <br>Notes:<br> <br>  - Addition information provided in plugin     Java Detection and Identification (Unix)<br> <br>  - Additional instances of Java may be discovered by enabling thorough     tests<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417686296" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://openjdk.java.net/" target="_blank">https://openjdk.java.net/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/04/07, Modified: 2023/07/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path            : /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64/<br>  Version         : 1.11.0.18.10<br>  Binary Location : /usr/lib/jvm/java-11-openjdk-11.0.18.0.10-1.el7_9.x86_64/bin/java<br>  Managed by OS   : True<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417705240" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417705240-container');" onmouseover="this.style.cursor='pointer'">168007 - OpenSSL Installed (Linux)<div id="idp45188417705240-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417705240-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">OpenSSL was detected on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">OpenSSL was detected on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417708312" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://openssl.org/" target="_blank">https://openssl.org/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/11/21, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /usr/lib64/libcrypto.so.1.0.2k<br>  Version : 1.0.2k<br> <br>We are unable to retrieve version info from the following list of OpenSSL files. However, they may include their OpenSSL version in full or part at the end of their names.<br> <br>e.g. libssl.so.3 (OpenSSl 3.x), libssl.so.1.1 (OpenSSL 1.1.x)<br> <br>/usr/lib64/libssl.so.1.0.2k<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417716248" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417716248-container');" onmouseover="this.style.cursor='pointer'">66334 - Patch Report<div id="idp45188417716248-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417716248-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host is missing several patches.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host is missing one or more security patches. This plugin lists the newest version of each patch to install to make sure the remote host is up-to-date.<br> <br>Note: Because the 'Show missing patches that have been superseded' setting in your scan policy depends on this plugin, it will always run and cannot be disabled.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Install the patches listed below.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2013/07/08, Modified: 2023/08/08<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br> <br>. You need to take the following 11 actions :<br> <br> <br>[ Apache Log4j 2.0 &lt; 2.3.2 / 2.4 &lt; 2.12.4 / 2.13 &lt; 2.17.1 RCE (156327) ]<br> <br>+ Action to take : Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.<br> <br>Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.<br> <br>+Impact : Taking this action will resolve 5 different vulnerabilities (CVEs).<br> <br> <br> <br>[ CentOS 7 : bind (CESA-2023:4152) (179319) ]<br> <br>+ Action to take : Update the affected packages.<br> <br> <br>[ CentOS 7 : emacs (CESA-2023:3481) (178967) ]<br> <br>+ Action to take : Update the affected packages.<br> <br> <br>[ CentOS 7 : git (CESA-2023:3263) (178966) ]<br> <br>+ Action to take : Update the affected packages.<br> <br>+Impact : Taking this action will resolve 2 different vulnerabilities (CVEs).<br> <br> <br> <br>[ CentOS 7 : java-11-openjdk (CESA-2023:1875) (174680) ]<br> <br>+ Action to take : Update the affected packages.<br> <br>+Impact : Taking this action will resolve 7 different vulnerabilities (CVEs).<br> <br> <br> <br>[ CentOS 7 : kernel (CESA-2023:4151) (179318) ]<br> <br>+ Action to take : Update the affected packages.<br> <br> <br>[ CentOS 7 : python (CESA-2023:3555) (178968) ]<br> <br>+ Action to take : Update the affected packages.<br> <br> <br>[ CentOS 7 : python3 (CESA-2023:3556) (178973) ]<br> <br>+ Action to take : Update the affected packages.<br> <br> <br>[ Jenkins plugins Multiple Vulnerabilities (2023-08-16) (180006) ]<br> <br>+ Action to take : Update Jenkins plugins to the following versions:<br>  - Blue Ocean Plugin to version 1.27.5.1 or later<br>  - Config File Provider Plugin to version 953.v0432a_802e4d2 or later<br>  - Delphix Plugin to version 3.0.3 or later<br>  - Docker Swarm Plugin: See vendor advisory<br>  - Favorite View Plugin: See vendor advisory<br>  - Flaky Test Handler Plugin to version 1.2.3 or later<br>  - Folders Plugin to version 6.848.ve3b_fd7839a_81 or later<br>  - Fortify Plugin to version 22.2.39 or later<br>  - Gogs Plugin: See vendor advisory<br>  - Maven Artifact ChoiceListProvider (Nexus) Plugin: See vendor advisory<br>  - NodeJS Plugin to version 1.6.0.1 or later<br>  - Shortcut Job Plugin to version 0.5 or later<br>  - Tuleap Authentication Plugin to version 1.1.21 or later<br> <br>See vendor advisory for more details.<br> <br>+Impact : Taking this action will resolve 28 different vulnerabilities (CVEs).<br> <br> <br> <br>[ OpenJDK 8 &lt;= 8u362 / 11.0.0 &lt;= 11.0.18 / 17.0.0 &lt;= 17.0.6 / 20.0.0 &lt;= 20.0.0 Multiple Vulnerabilities (2023-04-18 (174697) ]<br> <br>+ Action to take : Upgrade to an OpenJDK version greater than 8u362 / 11.0.18 / 17.0.6 / 20.0.0<br> <br>+Impact : Taking this action will resolve 7 different vulnerabilities (CVEs).<br> <br> <br> <br>[ Tenable Nessus &lt; 10.6.0 Multiple Vulnerabilities (TNS-2023-29) (180253) ]<br> <br>+ Action to take : Upgrade to Tenable Nessus 10.6.0 or later.<br> <br>+Impact : Taking this action will resolve 49 different vulnerabilities (CVEs).<br> <br> <br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417752216" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417752216-container');" onmouseover="this.style.cursor='pointer'">45432 - Processor Information (via DMI)<div id="idp45188417752216-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417752216-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to read information about the remote system's processor.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to retrieve information about the remote system's hardware, such as its processor type, by using the SMBIOS (aka DMI) interface.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/04/06, Modified: 2016/02/25<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus detected 8 processors :<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<br> <br>Current Speed   : 2100 MHz<br>Version         : Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz<br>Manufacturer    : GenuineIntel<br>External Clock  : Unknown<br>Status          : Populated, Enabled<br>Family          : Unknown<br>Type            : Central Processor<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417792536" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417792536-container');" onmouseover="this.style.cursor='pointer'">11111 - RPC Services Enumeration<div id="idp45188417792536-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417792536-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An ONC RPC service is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port.  Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2002/08/24, Modified: 2011/05/24<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following RPC services are available on TCP port 111 :<br> <br> - program: 100000 (portmapper), version: 4<br> - program: 100000 (portmapper), version: 3<br> - program: 100000 (portmapper), version: 2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417800984" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417800984-container');" onmouseover="this.style.cursor='pointer'">11111 - RPC Services Enumeration<div id="idp45188417800984-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417800984-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An ONC RPC service is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port.  Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2002/08/24, Modified: 2011/05/24<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following RPC services are available on UDP port 111 :<br> <br> - program: 100000 (portmapper), version: 4<br> - program: 100000 (portmapper), version: 3<br> - program: 100000 (portmapper), version: 2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417809432" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417809432-container');" onmouseover="this.style.cursor='pointer'">53335 - RPC portmapper (TCP)<div id="idp45188417809432-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417809432-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An ONC RPC portmapper is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The RPC portmapper is running on this port. <br> <br>The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/04/08, Modified: 2011/08/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417816600" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417816600-container');" onmouseover="this.style.cursor='pointer'">10223 - RPC portmapper Service Detection<div id="idp45188417816600-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417816600-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An ONC RPC portmapper is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The RPC portmapper is running on this port.<br> <br>The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">CVSS v3.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">0.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">CVSS v2.0 Base Score<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">0.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:N)<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188417840664" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">CVE</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0632" target="_blank">CVE-1999-0632</a></td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/08/19, Modified: 2019/10/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417844504" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417844504-container');" onmouseover="this.style.cursor='pointer'">45405 - Reachable IPv6 address<div id="idp45188417844504-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417844504-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host may be reachable from the Internet.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Although this host was scanned through a private IPv4 or local scope IPv6 address, some network interfaces are configured with global scope IPv6 addresses.  Depending on the configuration of the firewalls and routers, this host may be reachable from Internet.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Disable IPv6 if you do not actually using it. <br> <br>Otherwise, disable any unused IPv6 interfaces and implement IP filtering if needed.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2010/04/02, Modified: 2012/08/07<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following global addresss were gathered :<br> <br>  - ['ipv6': fe80::42:6dff:fe1a:6186]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::42:f3ff:fea7:8b29]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::42:3eff:fe74:96f5]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::42:f6ff:fe95:f7e4]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::cc94:efff:fe3c:8f6b]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::e0b5:1dff:fe83:eb43]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::6051:c6ff:fe0c:15d7]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::5468:a9ff:fe0e:23b3]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::d81a:56ff:fe6d:a1f0]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::12:57ff:fe39:16fd]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::7c86:a3ff:fec1:369a]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::183b:2aff:fede:371e]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::e8f3:50ff:fe31:599b]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::702e:bbff:fef4:eb27]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::ecce:73ff:fec5:5a2c]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': fe80::2898:9cff:fe35:ed63]['scope': link]['scopeid': 0x20]['prefixlen': 64]<br>  - ['ipv6': ::1]['scope': host]['scopeid': 0x10]['prefixlen': 128]<br>  - ['ipv6': fe80::31cc:24e3:f2:7bfc]['scope': link]['scopeid': 0x20]['prefixlen': 64]<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416968472" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416968472-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188416968472-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416968472-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 1163<br>  Executable   : /usr/sbin/sshd<br>  Command line : sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417849368" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417849368-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417849368-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417849368-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/67</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 1742<br>  Executable   : /usr/sbin/dnsmasq<br>  Command line : /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417857816" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417857816-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417857816-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417857816-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/80/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 21315<br>  Executable   : /usr/bin/docker-proxy<br>  Command line : /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.3 -container-port 80<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417866392" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417866392-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417866392-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417866392-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 708<br>  Executable   : /usr/sbin/rpcbind<br>  Command line : /sbin/rpcbind -w<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417887128" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417887128-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417887128-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417887128-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/111/rpc-portmapper</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 708<br>  Executable   : /usr/sbin/rpcbind<br>  Command line : /sbin/rpcbind -w<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417895576" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417895576-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417895576-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417895576-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/879</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 708<br>  Executable   : /usr/sbin/rpcbind<br>  Command line : /sbin/rpcbind -w<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417904024" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417904024-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417904024-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417904024-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 61581<br>  Executable   : /usr/bin/docker-proxy<br>  Command line : /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 3443 -container-ip 172.17.0.4 -container-port 3443<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417916568" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417916568-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417916568-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417916568-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 21318<br>  Executable   : /usr/bin/docker-proxy<br>  Command line : /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 5003 -container-ip 172.19.0.3 -container-port 443<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416729112" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416729112-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188416729112-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416729112-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 1291<br>  Executable   : /opt/nessus/sbin/nessusd<br>  Command line : nessusd -q<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416737560" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416737560-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188416737560-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416737560-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 1<br>  Executable   : /usr/lib/systemd/systemd<br>  Command line : /usr/lib/systemd/systemd --switched-root --system --deserialize 22<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417106456" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417106456-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417106456-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417106456-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 21251<br>  Executable   : /usr/bin/docker-proxy<br>  Command line : /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 9999 -container-ip 172.17.0.2 -container-port 80<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417115032" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417115032-container');" onmouseover="this.style.cursor='pointer'">25221 - Remote listeners enumeration (Linux / AIX)<div id="idp45188417115032-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417115032-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, it was possible to identify the process listening on the remote port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.<br> <br>Note that the method used by this plugin only works for hosts running Linux or AIX.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Process ID   : 23566<br>  Executable   : /usr/bin/docker-proxy<br>  Command line : /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 51371 -container-ip 172.20.0.5 -container-port 51370<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188417971352" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417971352-container');" onmouseover="this.style.cursor='pointer'">133964 - SELinux Status Check<div id="idp45188417971352-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417971352-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">SELinux is available on the host and plugin was able to check if it is enabled.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">SELinux is available on the host and plugin was able to check if it is enabled.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/02/25, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">SELinux config has been found on the host.<br> <br>SELinux is disabled.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188417978904" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188417978904-container');" onmouseover="this.style.cursor='pointer'">174788 - SQLite Local Detection (Linux)<div id="idp45188417978904-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188417978904-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote Linux host has SQLite Database software installed.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Version information for SQLite was retrieved from the remote host.  SQLite is an embedded database written in C.<br> <br>  - To discover instances of SQLite that are not in PATH,     or installed via a package manager, 'Perform thorough tests'     setting must be enabled.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188417982616" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.sqlite.org/" target="_blank">https://www.sqlite.org/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2023/04/26, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus detected 2 installs of SQLite:<br> <br>  Path    : /usr/bin/sqlite3<br>  Version : 3.7.17<br> <br>  Path    : /bin/sqlite3<br>  Version : 3.7.17<br> <br>Version reported by the package manager.<br> <br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418003480" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418003480-container');" onmouseover="this.style.cursor='pointer'">70657 - SSH Algorithms and Languages Supported<div id="idp45188418003480-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418003480-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An SSH server is listening on this port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This script detects which algorithms and languages are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2013/10/28, Modified: 2017/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus negotiated the following encryption algorithm with the server : <br> <br>The server supports the following options for kex_algorithms : <br> <br>  curve25519-sha256<br>  curve25519-sha256@libssh.org<br>  diffie-hellman-group-exchange-sha256<br>  diffie-hellman-group14-sha256<br>  diffie-hellman-group16-sha512<br>  diffie-hellman-group18-sha512<br>  ecdh-sha2-nistp256<br>  ecdh-sha2-nistp384<br>  ecdh-sha2-nistp521<br> <br>The server supports the following options for server_host_key_algorithms : <br> <br>  ecdsa-sha2-nistp256<br>  rsa-sha2-256<br>  rsa-sha2-512<br>  ssh-ed25519<br>  ssh-rsa<br> <br>The server supports the following options for encryption_algorithms_client_to_server : <br> <br>  aes128-ctr<br>  aes128-gcm@openssh.com<br>  aes192-ctr<br>  aes256-ctr<br>  aes256-gcm@openssh.com<br>  chacha20-poly1305@openssh.com<br> <br>The server supports the following options for encryption_algorithms_server_to_client : <br> <br>  aes128-ctr<br>  aes128-gcm@openssh.com<br>  aes192-ctr<br>  aes256-ctr<br>  aes256-gcm@openssh.com<br>  chacha20-poly1305@openssh.com<br> <br>The server supports the following options for mac_algorithms_client_to_server : <br> <br>  hmac-sha1<br>  hmac-sha1-etm@openssh.com<br>  hmac-sha2-256<br>  hmac-sha2-256-etm@openssh.com<br>  hmac-sha2-512<br>  hmac-sha2-512-etm@openssh.com<br>  umac-128-etm@openssh.com<br>  umac-128@openssh.com<br>  umac-64-etm@openssh.com<br>  umac-64@openssh.com<br> <br>The server supports the following options for mac_algorithms_server_to_client : <br> <br>  hmac-sha1<br>  hmac-sha1-etm@openssh.com<br>  hmac-sha2-256<br>  hmac-sha2-256-etm@openssh.com<br>  hmac-sha2-512<br>  hmac-sha2-512-etm@openssh.com<br>  umac-128-etm@openssh.com<br>  umac-128@openssh.com<br>  umac-64-etm@openssh.com<br>  umac-64@openssh.com<br> <br>The server supports the following options for compression_algorithms_client_to_server : <br> <br>  none<br>  zlib@openssh.com<br> <br>The server supports the following options for compression_algorithms_server_to_client : <br> <br>  none<br>  zlib@openssh.com<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418033944" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418033944-container');" onmouseover="this.style.cursor='pointer'">149334 - SSH Password Authentication Accepted<div id="idp45188418033944-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418033944-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSH server on the remote host accepts password authentication.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The SSH server on the remote host accepts password authentication.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418037016" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc4252#section-8" target="_blank">https://tools.ietf.org/html/rfc4252#section-8</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/05/07, Modified: 2021/05/07<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418042136" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418042136-container');" onmouseover="this.style.cursor='pointer'">10881 - SSH Protocol Versions Supported<div id="idp45188418042136-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418042136-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">A SSH server is running on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2002/03/06, Modified: 2021/01/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote SSH daemon supports the following versions of the<br>SSH protocol :<br> <br>  - 1.99<br>  - 2.0<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418050200" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418050200-container');" onmouseover="this.style.cursor='pointer'">90707 - SSH SCP Protocol Detection<div id="idp45188418050200-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418050200-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the SCP protocol over SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the Secure Copy (SCP) protocol over SSH.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418053272" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Secure_copy" target="_blank">https://en.wikipedia.org/wiki/Secure_copy</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2016/04/26, Modified: 2017/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418058392" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418058392-container');" onmouseover="this.style.cursor='pointer'">153588 - SSH SHA-1 HMAC Algorithms Enabled<div id="idp45188418058392-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418058392-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote SSH server is configured to enable SHA-1 HMAC algorithms.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote SSH server is configured to enable SHA-1 HMAC algorithms.<br> <br>Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.<br> <br>Note that this plugin only checks for the options of the remote SSH server.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/09/23, Modified: 2022/04/05<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following client-to-server SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported : <br> <br>  hmac-sha1<br>  hmac-sha1-etm@openssh.com<br> <br>The following server-to-client SHA-1 Hash-based Message Authentication Code (HMAC) algorithms are supported : <br> <br>  hmac-sha1<br>  hmac-sha1-etm@openssh.com<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418068760" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418068760-container');" onmouseover="this.style.cursor='pointer'">10267 - SSH Server Type and Version Information<div id="idp45188418068760-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418068760-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">An SSH server is listening on this port.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It is possible to obtain information about the remote SSH server by sending an empty authentication request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188418073880" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0933</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/10/12, Modified: 2020/09/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>SSH version : SSH-2.0-OpenSSH_8.6<br>SSH supported authentication : publickey,password<br>SSH banner : <br>\S<br>Kernel \r on an \m<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188416469784" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188416469784-container');" onmouseover="this.style.cursor='pointer'">56984 - SSL / TLS Versions Supported<div id="idp45188416469784-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188416469784-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/01, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>This port supports TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418082968" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418082968-container');" onmouseover="this.style.cursor='pointer'">56984 - SSL / TLS Versions Supported<div id="idp45188418082968-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418082968-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/01, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>This port supports TLSv1.3/TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418090520" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418090520-container');" onmouseover="this.style.cursor='pointer'">56984 - SSL / TLS Versions Supported<div id="idp45188418090520-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418090520-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/01, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>This port supports TLSv1.3/TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418098072" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418098072-container');" onmouseover="this.style.cursor='pointer'">56984 - SSL / TLS Versions Supported<div id="idp45188418098072-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418098072-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/01, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>This port supports TLSv1.1/TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418117912" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418117912-container');" onmouseover="this.style.cursor='pointer'">10863 - SSL Certificate Information<div id="idp45188418117912-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418117912-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays the SSL certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/05/19, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Subject Name: <br> <br>Organization: Acunetix Ltd<br>Organization Unit: Acunetix Web Vulnerability Scanner<br>Common Name: awvs<br> <br>Issuer Name: <br> <br>Organization: Acunetix Ltd.<br>Organization Unit: Acunetix WVS<br>Common Name: Acunetix WVS Root Authority (bpxzW)<br> <br>Serial Number: 11 3D 30 39 <br> <br>Version: 3<br> <br>Signature Algorithm: SHA-256 With RSA Encryption<br> <br>Not Valid Before: May 02 08:22:18 2022 GMT<br>Not Valid After: Apr 29 08:22:18 2032 GMT<br> <br>Public Key Info: <br> <br>Algorithm: RSA Encryption<br>Key Length: 2048 bits<br>Public Key: 00 BB 76 CF 10 5E 81 37 09 BE A0 3E C2 DF 9D A7 FB 5C 9D 13 <br>            23 42 4E 77 1D 77 BA EB 70 4E 9F 65 2B D9 C5 58 7E D2 66 68 <br>            56 38 BE 26 B7 7C 20 29 99 03 16 15 23 35 53 29 B3 C5 CE E0 <br>            64 FE B1 6F 58 7C 6A DB B6 04 82 E1 15 6C FE 42 0F E7 FB 38 <br>            88 D3 32 80 46 D3 BB EE B8 BB DC 2D 9A 26 67 A6 C0 50 C5 FE <br>            DE CE 98 74 7D 28 43 9E A1 62 D0 FD 14 F4 F9 BE 11 8D E7 FE <br>            EE 77 E7 39 E7 09 7F 99 30 08 EA E8 1F 9E 50 FC 5F 78 D6 CE <br>            CE E8 ED 6C 12 E5 F7 31 AD 1D AF CD C6 B8 75 D5 68 81 56 00 <br>            95 38 62 2F FB A0 CA D5 93 93 CD BC 56 95 E5 AC 7E F8 51 C4 <br>            35 29 D5 F5 83 53 CF F6 42 F8 B5 99 59 B1 65 61 C3 21 BA 38 <br>            A1 C7 7D 0C 70 5D 28 EA C0 4B 63 CA E5 6D 54 72 4B E9 08 23 <br>            DE 86 31 AF 27 AD 7D B8 F6 C2 40 EE E3 79 59 84 44 C9 78 47 <br>            23 E9 D6 51 78 46 E6 73 E8 F5 02 0A 6D B7 A7 D8 89 <br>Exponent: 01 00 01 <br> <br>Signature Length: 256 bytes / 2048 bits<br>Signature: 00 46 68 67 93 6C 39 F6 17 76 A2 14 AC A1 76 62 E4 7E 5B 48 <br>           68 2A 09 A6 A4 AC 9B 8F 16 8B C2 5E 7F 77 41 89 5D BC D7 72 <br>           46 1B 37 53 9D D3 D8 A7 DE 02 7E 7E CA EE 21 07 FF 70 D1 E4 <br>           A0 BE FC 8E DE 01 BE AC 12 76 AF AB 7F 68 39 5D B9 52 8B 45 <br>           44 D4 07 3E D2 65 1A BD 58 AC C8 D3 80 FA CF 64 7F A3 29 11 <br>           C8 1A 89 D3 85 A9 C5 7D 67 4C 89 CE 40 E8 09 56 12 F4 C5 73 <br>           E9 C3 51 F0 12 FE FC 61 1D 77 79 96 29 A2 D4 0A DB F9 0B 93 <br>           E3 0A BE 79 D3 92 06 33 F4 2D DB 4F A3 03 78 46 A8 6F 1A CC <br>           36 B6 58 51 0B 6C 3E 9F 66 3A F3 48 1B 77 6C B0 69 6C F5 3D <br>           0B 71 07 33 CD 16 0B C1 CA D8 44 FE A1 F2 2C D0 72 CD 89 CC <br>           83 18 BC 14 B2 59 B3 F9 88 F4 CC 48 E8 E7 D2 66 E4 08 C3 B8 <br>           50 54 3C 55 5B 4A B4 F4 FC 24 1E CB 60 4B 3B A1 EB 87 D8 0C <br>           49 A3 44 4C B3 1E F0 E9 D0 9B 0E 47 14 66 E3 87 7D <br> <br>Extension: Subject Alternative Name (2.5.29.17)<br>Critical: 0<br>DNS: awvs<br> <br> <br>Fingerprints : <br> <br>SHA-256 Fingerprint: 04 DD F9 B1 87 B4 26 CF 17 15 3F 66 8D 6A 86 98 11 62 97 8E <br>                     86 0F 48 6B FE C7 42 BE 88 84 41 D9 <br>SHA-1 Fingerprint: A4 44 E0 00 F8 47 CC B9 9C 1F 19 8F DD F5 F7 43 17 DB 78 B1 <br>MD5 Fingerprint: 85 3F A6 E3 64 50 D8 1F 89 87 88 A5 2E DA 9D 6F <br> <br> <br>PEM certificate : <br> <br>-----BEGIN CERTIFICATE-----<br>MIIDQTCCAimgAwIBAgIEET0wOTANBgkqhkiG9w0BAQsFADBdMRYwFAYDVQQKDA1BY3VuZXRpeCBMdGQuMRUwEwYDVQQLDAxBY3VuZXRpeCBXVlMxLDAqBgNVBAMMI0FjdW5ldGl4IFdWUyBSb290IEF1dGhvcml0eSAoYnB4elcpMB4XDTIyMDUwMjA4MjIxOFoXDTMyMDQyOTA4MjIxOFowUzEVMBMGA1UECgwMQWN1bmV0aXggTHRkMSswKQYDVQQLDCJBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyMQ0wCwYDVQQDDARhd3ZzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3bPEF6BNwm+oD7C352n+1ydEyNCTncdd7rrcE6fZSvZxVh+0mZoVji+Jrd8ICmZAxYVIzVTKbPFzuBk/rFvWHxq27YEguEVbP5CD+f7OIjTMoBG07vuuLvcLZomZ6bAUMX+3s6YdH0oQ56hYtD9FPT5vhGN5/7ud+c55wl/mTAI6ugfnlD8X3jWzs7o7WwS5fcxrR2vzca4ddVogVYAlThiL/ugytWTk828VpXlrH74UcQ1KdX1g1PP9kL4tZlZsWVhwyG6OKHHfQxwXSjqwEtjyuVtVHJL6Qgj3oYxryetfbj2wkDu43lZhETJeEcj6dZReEbmc+j1Agptt6fYiQIDAQABoxMwETAPBgNVHREECDAGggRhd3ZzMA0GCSqGSIb3DQEBCwUAA4IBAQBGaGeTbDn2F3aiFKyhdmLkfltIaCoJpqSsm48Wi8Jef3dBiV2813JGGzdTndPYp94Cfn7K7iEH/3DR5KC+/I7eAb6sEnavq39oOV25UotFRNQHPtJlGr1YrMjTgPrPZH+jKRHIGonThanFfWdMic5A6AlWEvTFc+nDUfAS/vxhHXd5limi1Arb+QuT4wq+edOSBjP0LdtPowN4RqhvGsw2tlhRC2w+n2Y680gbd2ywaWz1PQtxBzPNFgvBythE/qHyLNByzYnMgxi8FLJZs/mI9MxI6OfSZuQIw7hQVDxVW0q09PwkHstgSzuh64fYDEmjREyzHvDp0JsORxRm44d9<br>-----END CERTIFICATE-----<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418143512" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418143512-container');" onmouseover="this.style.cursor='pointer'">10863 - SSL Certificate Information<div id="idp45188418143512-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418143512-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays the SSL certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/05/19, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Subject Name: <br> <br>Country: CN<br>State/Province: Shanghai<br>Locality: Shanghai<br>Organization: Example Inc.<br>Organization Unit: Web Security<br>Common Name: 127.0.0.1<br> <br>Issuer Name: <br> <br>Country: CN<br>State/Province: Shanghai<br>Locality: Shanghai<br>Organization: Example Inc.<br>Organization Unit: Web Security<br>Common Name: 127.0.0.1<br> <br>Serial Number: 00 A4 94 BE 4C DE 37 69 B8 <br> <br>Version: 1<br> <br>Signature Algorithm: SHA-256 With RSA Encryption<br> <br>Not Valid Before: Aug 21 06:57:44 2023 GMT<br>Not Valid After: Aug 18 06:57:44 2033 GMT<br> <br>Public Key Info: <br> <br>Algorithm: RSA Encryption<br>Key Length: 2048 bits<br>Public Key: 00 D1 D5 4C 63 B6 FE 7D 81 8D B6 F2 B6 AF 17 20 AE B0 7F 86 <br>            ED 9C 83 FE 94 63 26 0D CD B0 F5 3C EA 8F 38 E7 43 CD E0 B5 <br>            85 80 EC 0F 9B B8 3F 60 0E 31 FD 74 09 F4 6D A7 34 25 A4 99 <br>            29 29 51 1F 1C D8 D4 B2 62 3A 5C 38 8E 43 F4 20 29 E9 69 E7 <br>            A3 15 C2 28 EB E2 EE 5C 5E 53 F1 0F 83 8E B1 82 89 AB 4E DC <br>            EB 85 5F 07 1D FB 7B F3 B2 0F 32 08 8B 44 E5 1D B8 B9 72 76 <br>            C0 2F 88 C3 B1 5C 62 0B 12 FE B1 72 B3 18 D4 AC 19 D3 48 40 <br>            55 0C 8F FF 78 E4 A2 67 41 82 06 A3 07 6D 3D 27 C9 62 57 D5 <br>            99 28 8E 47 8A 24 95 64 30 1C 15 64 7A 6B 1A CC 66 70 00 28 <br>            3A 52 CC A0 83 E3 B7 42 C9 4C 4D 63 3A 77 79 74 B5 90 3F 5F <br>            AD 24 EF F9 2A 6A D1 E3 0B A2 86 D1 86 B0 35 76 15 12 21 00 <br>            29 AE 46 D1 59 7F 69 71 04 10 62 5A 38 60 D7 7C 73 89 42 11 <br>            A1 E5 3D 74 08 18 8A 20 A2 94 62 7C 5B B2 A4 9C CD <br>Exponent: 01 00 01 <br> <br>Signature Length: 256 bytes / 2048 bits<br>Signature: 00 4A A0 F3 80 37 89 FC 24 0B E8 A6 EE D2 53 B6 1F B1 A6 59 <br>           A0 BE 8F 12 44 D0 17 61 B6 FA 1D 92 BF D3 27 F7 86 51 43 0F <br>           36 7B 6B DD AD 4A 7A 64 FE 13 34 F2 8C DB 1E 0B 77 B2 BF 2F <br>           FB 33 97 FC 2D 6D F1 2C 2A 83 14 77 A6 DB B1 A4 B3 18 B9 7D <br>           49 2D 32 A8 F3 B2 F9 8B 12 5D 0E BB F9 D5 89 1C 42 13 6E B5 <br>           C5 10 44 02 09 4B 75 E8 FB 71 8B D2 72 E7 62 8D D5 F2 72 40 <br>           56 88 F7 05 6F 62 89 C2 BF AB 2B 0A 10 20 F7 1C 1F 46 39 3B <br>           D0 A1 57 4A 86 36 16 1A 74 54 9B D6 A8 B2 F6 C0 45 60 7A 9D <br>           0A 0B 06 05 34 8E 2C 42 AF A8 AA 57 F6 FB 91 D4 90 2A 1E 53 <br>           23 C8 9B 06 81 A5 7D 56 87 AB 97 4F BB 6F 45 01 27 9B 76 CB <br>           C4 12 E9 3B 83 A9 BE 58 47 A6 F6 A1 B2 7D A8 63 8F 58 FD BD <br>           6A F3 79 B9 2F 1D 3A EC 87 92 A7 EF 77 28 B9 9E C0 CC 9E D3 <br>           5E 4D 9C 9B D7 81 50 AC 45 91 E4 D0 0A B3 AD CE D0 <br> <br>Fingerprints : <br> <br>SHA-256 Fingerprint: B2 EF 86 CE 32 CB 31 6C D6 1D 4F AD 04 DD C2 12 F3 88 66 6B <br>                     C5 CD 67 DE 2D 3D 56 D5 A0 91 FE 48 <br>SHA-1 Fingerprint: 63 B0 BC 60 3D 24 3D 93 70 6D 37 0D 97 14 51 BA FC 5A E5 E6 <br>MD5 Fingerprint: 13 F6 AC 15 29 47 57 72 88 EB BB 1B 98 E0 94 CC <br> <br> <br>PEM certificate : <br> <br>-----BEGIN CERTIFICATE-----<br>MIIDZjCCAk4CCQCklL5M3jdpuDANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJDTjERMA8GA1UECAwIU2hhbmdoYWkxETAPBgNVBAcMCFNoYW5naGFpMRUwEwYDVQQKDAxFeGFtcGxlIEluYy4xFTATBgNVBAsMDFdlYiBTZWN1cml0eTESMBAGA1UEAwwJMTI3LjAuMC4xMB4XDTIzMDgyMTA2NTc0NFoXDTMzMDgxODA2NTc0NFowdTELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMREwDwYDVQQHDAhTaGFuZ2hhaTEVMBMGA1UECgwMRXhhbXBsZSBJbmMuMRUwEwYDVQQLDAxXZWIgU2VjdXJpdHkxEjAQBgNVBAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANHVTGO2/n2Bjbbytq8XIK6wf4btnIP+lGMmDc2w9TzqjzjnQ83gtYWA7A+buD9gDjH9dAn0bac0JaSZKSlRHxzY1LJiOlw4jkP0ICnpaeejFcIo6+LuXF5T8Q+DjrGCiatO3OuFXwcd+3vzsg8yCItE5R24uXJ2wC+Iw7FcYgsS/rFysxjUrBnTSEBVDI//eOSiZ0GCBqMHbT0nyWJX1ZkojkeKJJVkMBwVZHprGsxmcAAoOlLMoIPjt0LJTE1jOnd5dLWQP1+tJO/5KmrR4wuihtGGsDV2FRIhACmuRtFZf2lxBBBiWjhg13xziUIRoeU9dAgYiiCilGJ8W7KknM0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEASqDzgDeJ/CQL6Kbu0lO2H7GmWaC+jxJE0Bdhtvodkr/TJ/eGUUMPNntr3a1KemT+EzTyjNseC3eyvy/7M5f8LW3xLCqDFHem27Gksxi5fUktMqjzsvmLEl0Ou/nViRxCE261xRBEAglLdej7cYvScudijdXyckBWiPcFb2KJwr+rKwoQIPccH0Y5O9ChV0qGNhYadFSb1qiy9sBFYHqdCgsGBTSOLEKvqKpX9vuR1JAqHlMjyJsGgaV9Voerl0+7b0UBJ5t2y8QS6TuDqb5YR6b2obJ9qGOPWP29avN5uS8dOuyHkqfvdyi5nsDMntNeTZyb14FQrEWR5NAKs63O0A==<br>-----END CERTIFICATE-----<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418173464" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418173464-container');" onmouseover="this.style.cursor='pointer'">10863 - SSL Certificate Information<div id="idp45188418173464-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418173464-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays the SSL certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/05/19, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Subject Name: <br> <br>Organization: Nessus Users United<br>Organization Unit: Nessus Server<br>Locality: New York<br>Country: US<br>State/Province: NY<br>Common Name: kubespray<br> <br>Issuer Name: <br> <br>Organization: Nessus Users United<br>Organization Unit: Nessus Certification Authority<br>Locality: New York<br>Country: US<br>State/Province: NY<br>Common Name: Nessus Certification Authority<br> <br>Serial Number: 5E 85 <br> <br>Version: 3<br> <br>Signature Algorithm: SHA-256 With RSA Encryption<br> <br>Not Valid Before: May 19 02:10:53 2022 GMT<br>Not Valid After: May 18 02:10:53 2026 GMT<br> <br>Public Key Info: <br> <br>Algorithm: RSA Encryption<br>Key Length: 2048 bits<br>Public Key: 00 A3 B5 C1 97 17 7E D1 AF 7F 28 C0 4D EB 72 28 C2 41 9F 40 <br>            12 5F 97 EE C2 25 9D 57 E6 3E C3 5A 34 BB 11 B6 9E 80 BF 6A <br>            A6 9A 04 54 CC D1 EF 4F 16 2E 3E 20 6E 0C C5 E9 70 89 2D EA <br>            8E 47 1C 3B 80 C5 66 E2 68 A0 F2 6D 94 26 93 F2 BC 26 06 64 <br>            69 5D 39 2E 38 C7 88 29 7B D2 BE FF 0C D6 83 22 F5 0E 81 1D <br>            2B 25 F5 FB 36 1B 18 26 B9 3B F2 EE B7 D2 75 84 D0 EF 90 58 <br>            F7 51 B5 D5 84 19 46 38 DA 6A 4C FB A1 BA 16 24 F9 78 2D 85 <br>            A7 1A DC 0A 87 59 35 34 A1 F6 25 69 8A F8 AC FA 60 62 12 8B <br>            B0 B3 AB 3B AA E3 75 FC E1 52 6F 42 37 FB C1 6F 6D 9B 48 1A <br>            22 1D 5F AB EC 41 68 A8 1D B7 54 21 E8 9F EC EF D2 38 E7 BB <br>            CC 08 5F 02 95 AF 22 41 B7 BD 7F 7F AC 35 84 A4 8E 27 2B D9 <br>            E5 95 A7 C7 9D EE 29 80 AF 97 EC 36 7D A3 4E BA 95 E1 16 17 <br>            29 E1 34 69 0D 58 7D 87 A9 9B 44 7B 15 37 93 F3 87 <br>Exponent: 01 00 01 <br> <br>Signature Length: 256 bytes / 2048 bits<br>Signature: 00 AC 15 1B 49 22 5A 82 65 26 FE 9F 61 24 B8 44 89 D5 F3 1D <br>           7B 6F 54 5F 45 AE D1 47 77 3C 07 06 2B BF 11 B2 C9 6B E1 C0 <br>           1A F0 36 CE 9D 98 C2 99 BA AE B8 04 3C FD 53 C8 AD FD 26 FA <br>           4C 48 3C 00 90 92 BA 7C FA B3 D5 CC 5A CC 35 D7 D3 69 CA 1D <br>           EE 92 2A 71 DE 5E 5C F3 DF D3 E8 60 24 20 D3 0E 70 54 55 7B <br>           DA B3 02 D3 BF 87 5B 25 E5 AF 4D 88 BC 60 23 59 92 77 7D 71 <br>           E4 3F DB DF DF 78 F2 02 5A 70 2D B3 95 80 C5 D7 A8 EE 82 2D <br>           72 0D 9E 58 80 0F 8F 8D F3 47 50 52 12 F0 B8 60 0F 37 7D C2 <br>           B6 41 F0 02 E0 CA DD 0B 46 6A 3A B3 9A 8C 1A 51 06 91 90 4C <br>           87 9D 78 94 CB F7 23 A5 1E 63 95 40 98 A5 99 DD 05 EE 32 42 <br>           43 3B 13 32 7E 68 9D 8E 2A A2 3C E7 EF 63 32 40 65 3D 95 7C <br>           B7 83 FB 76 36 C8 1E FE D3 17 64 53 EF 5F FC 9F AA 23 C9 36 <br>           BD 99 7F 1B 8D 13 5B F6 E8 C7 47 C8 4F 09 B5 07 9E <br> <br>Extension: 2.16.840.1.113730.1.1<br>Critical: 0<br>Data: 03 02 06 40 <br> <br> <br>Extension: Key Usage (2.5.29.15)<br>Critical: 1<br>Key Usage: Digital Signature, Non Repudiation, Key Encipherment<br> <br> <br>Fingerprints : <br> <br>SHA-256 Fingerprint: 4E FF 67 29 FD 44 F2 DD 66 36 9E 48 C2 69 A2 54 FF 9E 73 35 <br>                     1B 7D 08 3C 06 D8 F5 EC 08 F0 AB 60 <br>SHA-1 Fingerprint: 7E AC 1E 62 89 4F 3F 29 E0 4D FE 58 17 92 CE 43 A3 54 73 8F <br>MD5 Fingerprint: 00 42 FF D7 DB 64 65 7B C6 52 51 70 67 30 4C BD <br> <br> <br>PEM certificate : <br> <br>-----BEGIN CERTIFICATE-----<br>MIIDtjCCAp6gAwIBAgICXoUwDQYJKoZIhvcNAQELBQAwgZ0xHDAaBgNVBAoME05lc3N1cyBVc2VycyBVbml0ZWQxJzAlBgNVBAsMHk5lc3N1cyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBwwITmV3IFlvcmsxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTEnMCUGA1UEAwweTmVzc3VzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIyMDUxOTAyMTA1M1oXDTI2MDUxODAyMTA1M1owdzEcMBoGA1UECgwTTmVzc3VzIFVzZXJzIFVuaXRlZDEWMBQGA1UECwwNTmVzc3VzIFNlcnZlcjERMA8GA1UEBwwITmV3IFlvcmsxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTESMBAGA1UEAwwJa3ViZXNwcmF5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7XBlxd+0a9/KMBN63IowkGfQBJfl+7CJZ1X5j7DWjS7EbaegL9qppoEVMzR708WLj4gbgzF6XCJLeqORxw7gMVm4mig8m2UJpPyvCYGZGldOS44x4gpe9K+/wzWgyL1DoEdKyX1+zYbGCa5O/Lut9J1hNDvkFj3UbXVhBlGONpqTPuhuhYk+Xgthaca3AqHWTU0ofYlaYr4rPpgYhKLsLOrO6rjdfzhUm9CN/vBb22bSBoiHV+r7EFoqB23VCHon+zv0jjnu8wIXwKVryJBt71/f6w1hKSOJyvZ5ZWnx53uKYCvl+w2faNOupXhFhcp4TRpDVh9h6mbRHsVN5PzhwIDAQABoyUwIzARBglghkgBhvhCAQEEBAMCBkAwDgYDVR0PAQH/BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQCsFRtJIlqCZSb+n2EkuESJ1fMde29UX0Wu0Ud3PAcGK78Rsslr4cAa8DbOnZjCmbquuAQ8/VPIrf0m+kxIPACQkrp8+rPVzFrMNdfTacod7pIqcd5eXPPf0+hgJCDTDnBUVXvaswLTv4dbJeWvTYi8YCNZknd9ceQ/29/fePICWnAts5WAxdeo7oItcg2eWIAPj43zR1BSEvC4YA83fcK2QfAC4MrdC0ZqOrOajBpRBpGQTIedeJTL9yOlHmOVQJilmd0F7jJCQzsTMn5onY4qojzn72MyQGU9lXy3g/t2Nsge/tMXZFPvX/yfqiPJNr2ZfxuNE1v26MdHyE8JtQee<br>-----END CERTIFICATE-----<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418242840" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418242840-container');" onmouseover="this.style.cursor='pointer'">10863 - SSL Certificate Information<div id="idp45188418242840-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418242840-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin displays the SSL certificate.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2008/05/19, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Subject Name: <br> <br>Organization: 6a4ec7da413943ac87428e1dc85c97c9<br>Common Name: kubespray<br> <br>Issuer Name: <br> <br>Organization: 6a4ec7da413943ac87428e1dc85c97c9<br>Common Name: kubespray<br> <br>Serial Number: 00 E0 C3 CA 50 28 4C 50 ED <br> <br>Version: 3<br> <br>Signature Algorithm: SHA-256 With RSA Encryption<br> <br>Not Valid Before: May 18 07:47:37 2022 GMT<br>Not Valid After: Apr 24 07:47:37 2122 GMT<br> <br>Public Key Info: <br> <br>Algorithm: RSA Encryption<br>Key Length: 2048 bits<br>Public Key: 00 B8 E1 79 04 FB 43 0E D2 F7 FD DF 77 CC 7F DF E6 1C E4 92 <br>            54 59 A8 FB 75 70 E4 8D 3D 4E D9 09 CA 80 90 C6 50 D6 B4 28 <br>            8C 83 33 49 96 74 3D 7C 5D 8E 02 01 9B 03 3F D4 00 6A 2B 95 <br>            9C 37 D3 B9 51 C1 97 03 7A E1 67 48 05 34 C0 FF D6 A1 C1 D2 <br>            0C 0D 62 2D 58 16 15 BF 16 AF FB A4 C2 87 34 56 95 50 ED 7B <br>            FB 6D 2B 81 98 CE 36 EC 41 73 A2 B4 E9 AE 75 AB AA 01 91 EF <br>            77 E9 32 F0 DC 91 CA DA 8F 3F E5 A2 99 65 EC 8E 78 97 BD 58 <br>            92 20 1F 59 86 E5 BB 70 FA 48 5E 52 78 EC 13 91 A7 54 C5 38 <br>            24 0F 32 0A F9 7B 8A 86 2D 2B 94 C8 7D D6 0E 09 7D 8F 13 E9 <br>            C1 C8 44 12 4C F8 AE A7 41 D9 CA CD FA 02 72 5C 2F 3F 27 27 <br>            96 E5 D4 0F 70 45 D8 61 D7 FB 7D 9C CA C5 05 D1 C9 AE 1B F4 <br>            0F C9 D6 EA C6 92 F7 5A 5D 66 E7 45 DE 92 E5 F1 62 0F F4 3F <br>            2B DF E8 F8 7C 6F 22 CD BC FA 91 D0 08 1B 2C 3E EB <br>Exponent: 01 00 01 <br> <br>Signature Length: 256 bytes / 2048 bits<br>Signature: 00 95 08 9C 2F F5 B7 E0 19 92 E3 98 B1 AE FD 18 CB 0E 99 D5 <br>           4F 9C ED FA 66 31 54 FA D8 F2 A8 43 87 AA 5E 0A 7B 6F 71 46 <br>           FA B9 27 AA 8D 43 7C 61 89 D8 69 8E 89 D8 C4 F2 7A 88 99 00 <br>           31 BF FD 40 85 3C 0D 93 4F D8 50 11 BD D9 94 D6 FA 52 AE A4 <br>           98 C7 69 BF 4F A1 C8 03 08 91 E6 C9 0B 0F 3E 61 FC B3 C6 64 <br>           7E 9A 06 9F 29 35 D3 79 A5 73 32 24 DE 4B E7 6C 5F AF D2 0C <br>           84 88 4F C6 85 EB 08 48 48 D9 D5 3A 05 23 B0 BE 7F 69 70 58 <br>           B7 24 25 3C B7 9C 3A 98 28 64 15 C1 6D 8E 4E 55 83 F1 84 6F <br>           FD A3 DD 16 46 2C 6D 2F BB A2 F0 A1 0C 21 56 F8 11 2A 0D 41 <br>           13 EC C4 55 77 EC 83 F7 C1 E9 C8 12 B1 23 2A CC 5E 7E 52 B1 <br>           25 73 A1 67 08 01 49 E1 28 48 E8 CB 45 52 05 DC E4 4F 64 1E <br>           69 0C EB 51 1B 5D 53 22 73 DD 16 FF EA 41 C4 80 C9 BF 77 8E <br>           43 D9 39 90 CA B0 70 D1 F8 AF F1 2B DB 3C 01 E6 49 <br> <br>Extension: Subject Alternative Name (2.5.29.17)<br>Critical: 0<br>DNS: localhost<br> <br> <br>Fingerprints : <br> <br>SHA-256 Fingerprint: 6D 29 B6 33 9F 44 6D C8 94 30 E2 CD 48 91 79 62 67 55 2B 64 <br>                     EF D9 78 68 E9 A4 93 94 97 99 6F B2 <br>SHA-1 Fingerprint: 22 89 8F 07 DF 6D E7 CD D2 9D 08 8A FE B8 25 A5 1A 6A AD C8 <br>MD5 Fingerprint: B3 6D 28 E6 69 8D D2 1A 39 14 D7 B0 AC E9 B5 4E <br> <br> <br>PEM certificate : <br> <br>-----BEGIN CERTIFICATE-----<br>MIIDITCCAgmgAwIBAgIJAODDylAoTFDtMA0GCSqGSIb3DQEBCwUAMD8xKTAnBgNVBAoMIDZhNGVjN2RhNDEzOTQzYWM4NzQyOGUxZGM4NWM5N2M5MRIwEAYDVQQDDAlrdWJlc3ByYXkwIBcNMjIwNTE4MDc0NzM3WhgPMjEyMjA0MjQwNzQ3MzdaMD8xKTAnBgNVBAoMIDZhNGVjN2RhNDEzOTQzYWM4NzQyOGUxZGM4NWM5N2M5MRIwEAYDVQQDDAlrdWJlc3ByYXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC44XkE+0MO0vf933fMf9/mHOSSVFmo+3Vw5I09TtkJyoCQxlDWtCiMgzNJlnQ9fF2OAgGbAz/UAGorlZw307lRwZcDeuFnSAU0wP/WocHSDA1iLVgWFb8Wr/ukwoc0VpVQ7Xv7bSuBmM427EFzorTprnWrqgGR73fpMvDckcrajz/lopll7I54l71YkiAfWYblu3D6SF5SeOwTkadUxTgkDzIK+XuKhi0rlMh91g4JfY8T6cHIRBJM+K6nQdnKzfoCclwvPycnluXUD3BF2GHX+32cysUF0cmuG/QPydbqxpL3Wl1m50XekuXxYg/0Pyvf6Ph8byLNvPqR0AgbLD7rAgMBAAGjHjAcMBoGA1UdEQQTMBGHBH8AAAGCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEAlQicL/W34BmS45ixrv0Yyw6Z1U+c7fpmMVT62PKoQ4eqXgp7b3FG+rknqo1DfGGJ2GmOidjE8nqImQAxv/1AhTwNk0/YUBG92ZTW+lKupJjHab9PocgDCJHmyQsPPmH8s8ZkfpoGnyk103mlczIk3kvnbF+v0gyEiE/GhesISEjZ1ToFI7C+f2lwWLckJTy3nDqYKGQVwW2OTlWD8YRv/aPdFkYsbS+7ovChDCFW+BEqDUET7MRVd+yD98HpyBKxIyrMXn5SsSVzoWcIAUnhKEjoy0VSBdzkT2QeaQzrURtdUyJz3Rb/6kHEgMm/d45D2TmQyrBw0fiv8SvbPAHmSQ==<br>-----END CERTIFICATE-----<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418267928" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418267928-container');" onmouseover="this.style.cursor='pointer'">70544 - SSL Cipher Block Chaining Cipher Suites Supported<div id="idp45188418267928-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418267928-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode.  These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418271128" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?cc4a822a" target="_blank">http://www.nessus.org/u?cc4a822a</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/~bodo/tls-cbc.txt" target="_blank">https://www.openssl.org/~bodo/tls-cbc.txt</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2013/10/22, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL CBC ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x28       ECDH          RSA      AES-CBC(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418283032" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418283032-container');" onmouseover="this.style.cursor='pointer'">70544 - SSL Cipher Block Chaining Cipher Suites Supported<div id="idp45188418283032-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418283032-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode.  These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418286232" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?cc4a822a" target="_blank">http://www.nessus.org/u?cc4a822a</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/~bodo/tls-cbc.txt" target="_blank">https://www.openssl.org/~bodo/tls-cbc.txt</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2013/10/22, Modified: 2021/02/03<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL CBC ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-CAMELLIA-CBC-128    0xC0, 0x76       ECDH          RSA      Camellia-CBC(128)      SHA256<br>    ECDHE-RSA-AES128-SHA          0xC0, 0x13       ECDH          RSA      AES-CBC(128)           SHA1<br>    ECDHE-RSA-AES256-SHA          0xC0, 0x14       ECDH          RSA      AES-CBC(256)           SHA1<br>    AES128-SHA                    0x00, 0x2F       RSA           RSA      AES-CBC(128)           SHA1<br>    AES256-SHA                    0x00, 0x35       RSA           RSA      AES-CBC(256)           SHA1<br>    CAMELLIA128-SHA               0x00, 0x41       RSA           RSA      Camellia-CBC(128)      SHA1<br>    CAMELLIA256-SHA               0x00, 0x84       RSA           RSA      Camellia-CBC(256)      SHA1<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    RSA-AES128-SHA256             0x00, 0x3C       RSA           RSA      AES-CBC(128)           SHA256<br>    RSA-AES256-SHA256             0x00, 0x3D       RSA           RSA      AES-CBC(256)           SHA256<br>    RSA-CAMELLIA128-SHA256        0x00, 0xBA       RSA           RSA      Camellia-CBC(128)      SHA256<br>    RSA-CAMELLIA256-SHA256        0x00, 0xC0       RSA           RSA      Camellia-CBC(256)      SHA256<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418304792" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418304792-container');" onmouseover="this.style.cursor='pointer'">21643 - SSL Cipher Suites Supported<div id="idp45188418304792-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418304792-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications using SSL.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418320152" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/man1.0.2/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/man1.0.2/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?e17ffced" target="_blank">http://www.nessus.org/u?e17ffced</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2006/06/05, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL ciphers supported by the remote server :<br>Each group is reported per SSL Version.<br> <br>SSL Version : TLSv12<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x28       ECDH          RSA      AES-CBC(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418332312" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418332312-container');" onmouseover="this.style.cursor='pointer'">21643 - SSL Cipher Suites Supported<div id="idp45188418332312-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418332312-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications using SSL.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418335384" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/man1.0.2/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/man1.0.2/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?e17ffced" target="_blank">http://www.nessus.org/u?e17ffced</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2006/06/05, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL ciphers supported by the remote server :<br>Each group is reported per SSL Version.<br> <br>SSL Version : TLSv13<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    TLS_AES_128_GCM_SHA256        0x13, 0x01       -             -        AES-GCM(128)           AEAD<br>    TLS_AES_256_GCM_SHA384        0x13, 0x02       -             -        AES-GCM(256)           AEAD<br>    TLS_CHACHA20_POLY1305_SHA256  0x13, 0x03       -             -        ChaCha20-Poly1305(256) AEAD<br> <br> <br>SSL Version : TLSv12<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    DHE-RSA-AES128-SHA256         0x00, 0x9E       DH            RSA      AES-GCM(128)           SHA256<br>    DHE-RSA-AES256-SHA384         0x00, 0x9F       DH            RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-CHACHA20-POLY1305   0xCC, 0xA8       ECDH          RSA      ChaCha20-Poly1305(256) SHA256<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418354456" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418354456-container');" onmouseover="this.style.cursor='pointer'">21643 - SSL Cipher Suites Supported<div id="idp45188418354456-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418354456-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications using SSL.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418357528" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/man1.0.2/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/man1.0.2/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?e17ffced" target="_blank">http://www.nessus.org/u?e17ffced</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2006/06/05, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL ciphers supported by the remote server :<br>Each group is reported per SSL Version.<br> <br>SSL Version : TLSv13<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    TLS_AES_128_GCM_SHA256        0x13, 0x01       -             -        AES-GCM(128)           AEAD<br>    TLS_AES_256_GCM_SHA384        0x13, 0x02       -             -        AES-GCM(256)           AEAD<br>    TLS_CHACHA20_POLY1305_SHA256  0x13, 0x03       -             -        ChaCha20-Poly1305(256) AEAD<br> <br> <br>SSL Version : TLSv12<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418384024" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418384024-container');" onmouseover="this.style.cursor='pointer'">21643 - SSL Cipher Suites Supported<div id="idp45188418384024-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418384024-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts communications using SSL.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418387096" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/man1.0.2/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/man1.0.2/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?e17ffced" target="_blank">http://www.nessus.org/u?e17ffced</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2006/06/05, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL ciphers supported by the remote server :<br>Each group is reported per SSL Version.<br> <br>SSL Version : TLSv12<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-CAMELLIA-CBC-128    0xC0, 0x76       ECDH          RSA      Camellia-CBC(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-128    0xC0, 0x8A       ECDH          RSA      Camellia-GCM(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-256    0xC0, 0x8B       ECDH          RSA      Camellia-GCM(256)      SHA384<br>    RSA-AES128-SHA256             0x00, 0x9C       RSA           RSA      AES-GCM(128)           SHA256<br>    RSA-AES256-SHA384             0x00, 0x9D       RSA           RSA      AES-GCM(256)           SHA384<br>    RSA-CAMELLIA-GCM-128          0xC0, 0x7A       RSA           RSA      Camellia-GCM(128)      SHA256<br>    RSA-CAMELLIA-GCM-256          0xC0, 0x7B       RSA           RSA      Camellia-GCM(256)      SHA384<br>    ECDHE-RSA-AES128-SHA          0xC0, 0x13       ECDH          RSA      AES-CBC(128)           SHA1<br>    ECDHE-RSA-AES256-SHA          0xC0, 0x14       ECDH          RSA      AES-CBC(256)           SHA1<br>    AES128-SHA                    0x00, 0x2F       RSA           RSA      AES-CBC(128)           SHA1<br>    AES256-SHA                    0x00, 0x35       RSA           RSA      AES-CBC(256)           SHA1<br>    CAMELLIA128-SHA               0x00, 0x41       RSA           RSA      Camellia-CBC(128)      SHA1<br>    CAMELLIA256-SHA               0x00, 0x84       RSA           RSA      Camellia-CBC(256)      SHA1<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    RSA-AES128-SHA256             0x00, 0x3C       RSA           RSA      AES-CBC(128)           SHA256<br>    RSA-AES256-SHA256             0x00, 0x3D       RSA           RSA      AES-CBC(256)           SHA256<br>    RSA-CAMELLIA128-SHA256        0x00, 0xBA       RSA           RSA      Camellia-CBC(128)      SHA256<br>    RSA-CAMELLIA256-SHA256        0x00, 0xC0       RSA           RSA      Camellia-CBC(256)      SHA256<br> <br> <br>SSL Version : TLSv11<br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA          0xC0, 0x13       ECDH          RSA      AES-CBC(128)           SHA1<br>    ECDHE-RSA-AES256-SHA          0xC0, 0x14       ECDH          RSA      AES-CBC(256)           SHA1<br>    AES128-SHA                    0x00, 0x2F       RSA           RSA      AES-CBC(128)           SHA1<br>    AES256-SHA                    0x00, 0x35       RSA           RSA      AES-CBC(256)           SHA1<br>    CAMELLIA128-SHA               0x00, 0x41       RSA           RSA      Camellia-CBC(128)      SHA1<br>    CAMELLIA256-SHA               0x00, 0x84       RSA           RSA      Camellia-CBC(256)      SHA1<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418414872" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418414872-container');" onmouseover="this.style.cursor='pointer'">57041 - SSL Perfect Forward Secrecy Cipher Suites Supported<div id="idp45188418414872-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418414872-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption.  These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418417944" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange" target="_blank">https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Perfect_forward_secrecy" target="_blank">https://en.wikipedia.org/wiki/Perfect_forward_secrecy</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/07, Modified: 2021/03/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL PFS ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x28       ECDH          RSA      AES-CBC(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418442648" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418442648-container');" onmouseover="this.style.cursor='pointer'">57041 - SSL Perfect Forward Secrecy Cipher Suites Supported<div id="idp45188418442648-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418442648-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption.  These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418445720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange" target="_blank">https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Perfect_forward_secrecy" target="_blank">https://en.wikipedia.org/wiki/Perfect_forward_secrecy</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/07, Modified: 2021/03/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL PFS ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    DHE-RSA-AES128-SHA256         0x00, 0x9E       DH            RSA      AES-GCM(128)           SHA256<br>    DHE-RSA-AES256-SHA384         0x00, 0x9F       DH            RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-CHACHA20-POLY1305   0xCC, 0xA8       ECDH          RSA      ChaCha20-Poly1305(256) SHA256<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418458392" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418458392-container');" onmouseover="this.style.cursor='pointer'">57041 - SSL Perfect Forward Secrecy Cipher Suites Supported<div id="idp45188418458392-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418458392-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption.  These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418461464" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange" target="_blank">https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Perfect_forward_secrecy" target="_blank">https://en.wikipedia.org/wiki/Perfect_forward_secrecy</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/07, Modified: 2021/03/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL PFS ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418473368" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418473368-container');" onmouseover="this.style.cursor='pointer'">57041 - SSL Perfect Forward Secrecy Cipher Suites Supported<div id="idp45188418473368-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418473368-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption.  These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418476440" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.openssl.org/docs/manmaster/man1/ciphers.html" target="_blank">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange" target="_blank">https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://en.wikipedia.org/wiki/Perfect_forward_secrecy" target="_blank">https://en.wikipedia.org/wiki/Perfect_forward_secrecy</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/12/07, Modified: 2021/03/09<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of SSL PFS ciphers supported by the remote server :<br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x2F       ECDH          RSA      AES-GCM(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x30       ECDH          RSA      AES-GCM(256)           SHA384<br>    ECDHE-RSA-CAMELLIA-CBC-128    0xC0, 0x76       ECDH          RSA      Camellia-CBC(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-128    0xC0, 0x8A       ECDH          RSA      Camellia-GCM(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-256    0xC0, 0x8B       ECDH          RSA      Camellia-GCM(256)      SHA384<br>    ECDHE-RSA-AES128-SHA          0xC0, 0x13       ECDH          RSA      AES-CBC(128)           SHA1<br>    ECDHE-RSA-AES256-SHA          0xC0, 0x14       ECDH          RSA      AES-CBC(256)           SHA1<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418502168" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418502168-container');" onmouseover="this.style.cursor='pointer'">156899 - SSL/TLS Recommended Cipher Suites<div id="idp45188418502168-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418502168-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host advertises discouraged SSL/TLS ciphers.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable support for the following cipher suites:<br> <br>TLSv1.3:<br>  - 0x13,0x01 TLS13_AES_128_GCM_SHA256<br>  - 0x13,0x02 TLS13_AES_256_GCM_SHA384<br>  - 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256<br> <br>TLSv1.2:<br>  - 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256<br>  - 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256<br>  - 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384<br>  - 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384<br>  - 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305<br>  - 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305<br>  - 0x00,0x9E DHE-RSA-AES128-GCM-SHA256<br>  - 0x00,0x9F DHE-RSA-AES256-GCM-SHA384<br> <br>This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with nearly every client released in the last five (or more) years.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418509592" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://wiki.mozilla.org/Security/Server_Side_TLS" target="_blank">https://wiki.mozilla.org/Security/Server_Side_TLS</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://ssl-config.mozilla.org/" target="_blank">https://ssl-config.mozilla.org/</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Only enable support for recommened cipher suites.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/01/20, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:<br> <br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    ECDHE-RSA-AES256-SHA384       0xC0, 0x28       ECDH          RSA      AES-CBC(256)           SHA384<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418565784" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418565784-container');" onmouseover="this.style.cursor='pointer'">156899 - SSL/TLS Recommended Cipher Suites<div id="idp45188418565784-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418565784-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host advertises discouraged SSL/TLS ciphers.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable support for the following cipher suites:<br> <br>TLSv1.3:<br>  - 0x13,0x01 TLS13_AES_128_GCM_SHA256<br>  - 0x13,0x02 TLS13_AES_256_GCM_SHA384<br>  - 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256<br> <br>TLSv1.2:<br>  - 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256<br>  - 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256<br>  - 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384<br>  - 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384<br>  - 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305<br>  - 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305<br>  - 0x00,0x9E DHE-RSA-AES128-GCM-SHA256<br>  - 0x00,0x9F DHE-RSA-AES256-GCM-SHA384<br> <br>This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with nearly every client released in the last five (or more) years.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418573208" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://wiki.mozilla.org/Security/Server_Side_TLS" target="_blank">https://wiki.mozilla.org/Security/Server_Side_TLS</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://ssl-config.mozilla.org/" target="_blank">https://ssl-config.mozilla.org/</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Only enable support for recommened cipher suites.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/01/20, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:<br> <br> <br>  High Strength Ciphers (&gt;= 112-bit key)<br> <br>    Name                          Code             KEX           Auth     Encryption             MAC<br>    ----------------------        ----------       ---           ----     ---------------------  ---<br>    ECDHE-RSA-CAMELLIA-CBC-128    0xC0, 0x76       ECDH          RSA      Camellia-CBC(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-128    0xC0, 0x8A       ECDH          RSA      Camellia-GCM(128)      SHA256<br>    ECDHE-RSA-CAMELLIA-GCM-256    0xC0, 0x8B       ECDH          RSA      Camellia-GCM(256)      SHA384<br>    RSA-AES128-SHA256             0x00, 0x9C       RSA           RSA      AES-GCM(128)           SHA256<br>    RSA-AES256-SHA384             0x00, 0x9D       RSA           RSA      AES-GCM(256)           SHA384<br>    RSA-CAMELLIA-GCM-128          0xC0, 0x7A       RSA           RSA      Camellia-GCM(128)      SHA256<br>    RSA-CAMELLIA-GCM-256          0xC0, 0x7B       RSA           RSA      Camellia-GCM(256)      SHA384<br>    ECDHE-RSA-AES128-SHA          0xC0, 0x13       ECDH          RSA      AES-CBC(128)           SHA1<br>    ECDHE-RSA-AES256-SHA          0xC0, 0x14       ECDH          RSA      AES-CBC(256)           SHA1<br>    AES128-SHA                    0x00, 0x2F       RSA           RSA      AES-CBC(128)           SHA1<br>    AES256-SHA                    0x00, 0x35       RSA           RSA      AES-CBC(256)           SHA1<br>    CAMELLIA128-SHA               0x00, 0x41       RSA           RSA      Camellia-CBC(128)      SHA1<br>    CAMELLIA256-SHA               0x00, 0x84       RSA           RSA      Camellia-CBC(256)      SHA1<br>    ECDHE-RSA-AES128-SHA256       0xC0, 0x27       ECDH          RSA      AES-CBC(128)           SHA256<br>    RSA-AES128-SHA256             0x00, 0x3C       RSA           RSA      AES-CBC(128)           SHA256<br>    RSA-AES256-SHA256             0x00, 0x3D       RSA           RSA      AES-CBC(256)           SHA256<br>    RSA-CAMELLIA128-SHA256        0x00, 0xBA       RSA           RSA      Camellia-CBC(128)      SHA256<br>    RSA-CAMELLIA256-SHA256        0x00, 0xC0       RSA           RSA      Camellia-CBC(256)      SHA256<br> <br>The fields above are :<br> <br>  {Tenable ciphername}<br>  {Cipher ID code}<br>  Kex={key exchange}<br>  Auth={authentication}<br>  Encrypt={symmetric encryption method}<br>  MAC={message authentication code}<br>  {export flag}<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418588440" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418588440-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418588440-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418588440-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">An SSH server is running on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418607896" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418607896-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418607896-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418607896-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/80/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418619160" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418619160-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418619160-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418619160-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A TLSv1.2 server answered on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port through TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418627224" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418627224-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418627224-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418627224-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A TLSv1.2 server answered on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port through TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418635288" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418635288-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418635288-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418635288-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A TLSv1.2 server answered on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port through TLSv1.2.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418647448" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418647448-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418647448-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418647448-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A TLSv1.1 server answered on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port through TLSv1.1.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418659608" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418659608-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418659608-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418659608-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418679064" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418679064-container');" onmouseover="this.style.cursor='pointer'">22964 - Service Detection<div id="idp45188418679064-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418679064-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service could be identified.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/08/19, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">A web server is running on this port.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418686232" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418686232-container');" onmouseover="this.style.cursor='pointer'">22869 - Software Enumeration (SSH)<div id="idp45188418686232-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418686232-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It was possible to enumerate installed software on the remote host via SSH.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to list the software installed on the remote host by calling the appropriate command (e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.).<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Remove any software that is not in compliance with your organization's acceptable use and security policies.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188418691352" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0502</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2006/10/15, Modified: 2022/09/06<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Here is the list of packages installed on the remote CentOS Linux system : <br> <br>  fontconfig-2.13.0-4.3.el7|(none)      Mon 27 Mar 2023 09:57:39 AM +08<br>  libibverbs-22.4-6.el7_9|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  graphite2-1.3.10-1.el7_3|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  libX11-1.6.7-4.el7_9|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  aic94xx-firmware-30-6.el7|(none)      Fri 06 May 2022 10:00:34 AM +08<br>  ncurses-base-5.9-14.20130511.el7_4|(none)      Fri 06 May 2022 09:59:02 AM +08<br>  cups-libs-1.6.3-51.el7|1      Mon 27 Mar 2023 09:57:41 AM +08<br>  ipxe-roms-qemu-20180825-3.git133f4c.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  python-lxml-3.2.1-4.el7|(none)      Mon 27 Mar 2023 09:57:42 AM +08<br>  pulseaudio-libs-10.0-6.el7_9|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  basesystem-10.0-7.el7.centos|(none)      Fri 06 May 2022 09:59:10 AM +08<br>  libXrender-0.9.10-1.el7|(none)      Mon 27 Mar 2023 09:57:52 AM +08<br>  spice-server-0.14.0-9.el7_9.1|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  ntpdate-4.2.6p5-29.el7.centos.2|(none)      Mon 27 Mar 2023 11:41:26 AM +08<br>  qemu-kvm-1.5.3-175.el7_9.6|10      Thu 07 Jul 2022 02:44:06 PM +08<br>  ncurses-libs-5.9-14.20130511.el7_4|(none)      Fri 06 May 2022 09:59:13 AM +08<br>  unzip-6.0-24.el7_9|(none)      Tue 06 Jun 2023 02:47:20 PM +08<br>  libvirt-python-4.5.0-1.el7|(none)      Thu 07 Jul 2022 03:08:34 PM +08<br>  redhat-rpm-config-9.1.0-88.el7.centos|(none)      Tue 06 Jun 2023 02:47:21 PM +08<br>  libosinfo-1.1.0-5.el7|(none)      Thu 07 Jul 2022 03:08:35 PM +08<br>  pcre-8.32-17.el7|(none)      Fri 06 May 2022 09:59:14 AM +08<br>  rpmdevtools-8.3-8.el7_9|(none)      Tue 06 Jun 2023 02:47:29 PM +08<br>  virt-install-1.5.0-7.el7|(none)      Thu 07 Jul 2022 03:08:37 PM +08<br>  p11-kit-0.23.5-3.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  perl-Data-Dumper-2.145-3.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-websocket-client-0.47.0-2.el7|(none)      Wed 27 Jul 2022 02:32:10 PM +08<br>  libtasn1-4.10-1.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  perl-Digest-1.17-245.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-docker-pycreds-0.2.1-2.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  libxml2-python-2.9.1-6.el7_9.6|(none)      Fri 06 May 2022 10:40:18 AM +08<br>  perl-HTTP-Date-6.02-8.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-chardet-3.0.4-1.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  bash-completion-2.1-8.el7|1      Fri 06 May 2022 10:40:20 AM +08<br>  perl-IO-Socket-SSL-1.94-7.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-texttable-1.6.2-1.el7|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  perl-Pod-Perldoc-3.20-4.el7|(none)      Fri 06 May 2022 10:41:17 AM +08<br>  perl-WWW-RobotRules-6.02-5.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  tcpdump-4.9.2-4.el7_7.1|14      Wed 21 Sep 2022 02:27:04 PM +08<br>  perl-Pod-Usage-1.63-3.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  libcap-ng-0.7.5-4.el7|(none)      Fri 06 May 2022 09:59:21 AM +08<br>  mailcap-2.1.41-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  tree-1.6.0-10.el7|(none)      Sat 19 Nov 2022 03:14:25 PM +08<br>  perl-constant-1.27-2.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-HTML-Parser-3.71-4.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  zlib-1.2.7-21.el7_9|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-Storable-2.45-3.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-LWP-Protocol-https-6.04-4.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  libuuid-2.23.2-65.el7_9.1|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-File-Temp-0.23.01-3.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  elasticsearch-7.13.0-1|0      Tue 04 Jul 2023 03:20:22 PM +08<br>  libdb-5.3.21-25.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-Filter-1.49-3.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  hiredis-0.12.1-2.el7|(none)      Tue 04 Jul 2023 03:47:08 PM +08<br>  centos-release-7-9.2009.1.el7.centos|(none)      Mon 27 Mar 2023 09:45:24 AM +08<br>  perl-Error-0.17020-2.el7|1      Fri 06 May 2022 10:41:25 AM +08<br>  python2-pyyaml-3.10-0.el7|(none)      Tue 04 Jul 2023 03:47:41 PM +08<br>  expat-2.1.0-15.el7_9|(none)      Mon 27 Mar 2023 09:45:24 AM +08<br>  cracklib-dicts-2.9.0-11.el7|(none)      Fri 06 May 2022 09:59:26 AM +08<br>  iptables-1.4.21-35.el7|(none)      Mon 27 Mar 2023 09:45:25 AM +08<br>  python3-3.6.8-18.el7|(none)      Fri 06 May 2022 10:41:32 AM +08<br>  libassuan-2.1.0-3.el7|(none)      Fri 06 May 2022 09:59:27 AM +08<br>  msodbcsql17-17.10.4.1-1|(none)      Wed 05 Jul 2023 01:21:18 PM +08<br>  libffi-3.0.13-19.el7|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  vim-common-7.4.629-8.el7_9|2      Fri 06 May 2022 10:53:24 AM +08<br>  libstdc++-devel-4.8.5-44.el7|(none)      Tue 18 Jul 2023 02:00:25 PM +08<br>  hostname-3.13-3.el7_7.1|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  lm_sensors-libs-3.4.0-8.20160601gitf9185e5.el7|(none)      Fri 06 May 2022 11:35:38 AM +08<br>  jansson-2.10-1.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  libdb-utils-5.3.21-25.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  libselinux-2.5-15.el7|(none)      Mon 09 May 2022 02:23:07 PM +08<br>  newt-0.52.15-4.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  acl-2.2.51-15.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  yum-3.4.3-168.el7.centos|(none)      Mon 09 May 2022 02:23:09 PM +08<br>  gdbm-1.10-8.el7|(none)      Fri 06 May 2022 09:59:29 AM +08<br>  libpng-1.5.13-8.el7|2      Mon 27 Mar 2023 09:45:28 AM +08<br>  libproxy-0.4.11-11.el7|(none)      Wed 18 May 2022 03:27:50 PM +08<br>  docker-buildx-plugin-0.10.2-1.el7|0      Mon 27 Mar 2023 09:45:34 AM +08<br>  gnutls-3.3.29-9.el7_6|(none)      Wed 18 May 2022 03:27:51 PM +08<br>  python-slip-0.4.0-4.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  openssl-libs-1.0.2k-26.el7_9|1      Mon 27 Mar 2023 09:45:54 AM +08<br>  cockpit-ws-195.12-1.el7.centos|(none)      Wed 18 May 2022 03:27:53 PM +08<br>  newt-python-0.52.15-4.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  libblkid-2.23.2-65.el7_9.1|(none)      Mon 27 Mar 2023 09:45:56 AM +08<br>  python-six-1.9.0-2.el7|(none)      Wed 15 Jun 2022 02:35:47 PM +08<br>  python-iniparse-0.4-9.el7|(none)      Fri 06 May 2022 09:59:34 AM +08<br>  libmount-2.23.2-65.el7_9.1|(none)      Mon 27 Mar 2023 09:45:59 AM +08<br>  libcgroup-0.41-21.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  libcroco-0.6.12-6.el7_9|(none)      Mon 27 Mar 2023 09:46:01 AM +08<br>  python-docker-pycreds-0.3.0-11.el7|1      Wed 15 Jun 2022 02:35:49 PM +08<br>  slirp4netns-0.4.3-4.el7_8|(none)      Mon 27 Mar 2023 09:46:01 AM +08<br>  python-requests-2.6.0-10.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  pkgconfig-0.27.1-4.el7|1      Fri 06 May 2022 09:59:35 AM +08<br>  docker-ce-cli-23.0.1-1.el7|1      Mon 27 Mar 2023 09:46:04 AM +08<br>  checkpolicy-2.5-8.el7|(none)      Wed 15 Jun 2022 02:35:50 PM +08<br>  logrotate-3.8.6-19.el7|(none)      Mon 27 Mar 2023 09:46:05 AM +08<br>  nss-tools-3.79.0-5.el7_9|(none)      Mon 27 Mar 2023 09:46:06 AM +08<br>  kde-filesystem-4-47.el7|(none)      Thu 16 Jun 2022 01:57:36 PM +08<br>  libssh2-1.8.0-4.el7|(none)      Mon 27 Mar 2023 09:46:08 AM +08<br>  python-setuptools-0.9.8-7.el7|(none)      Thu 16 Jun 2022 03:06:02 PM +08<br>  python-pycurl-7.19.0-19.el7|(none)      Fri 06 May 2022 09:59:38 AM +08<br>  rpm-4.11.3-48.el7_9|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  glibc-2.17-326.el7_9|(none)      Fri 17 Jun 2022 02:37:57 PM +08<br>  centos-logos-70.0.6-3.el7.centos|(none)      Fri 06 May 2022 09:59:41 AM +08<br>  GeoIP-1.5.0-14.el7|(none)      Mon 27 Mar 2023 09:46:10 AM +08<br>  libgomp-4.8.5-44.el7|(none)      Fri 17 Jun 2022 02:37:59 PM +08<br>  kpartx-0.4.9-136.el7_9|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  gcc-4.8.5-44.el7|(none)      Fri 17 Jun 2022 02:38:06 PM +08<br>  pinentry-0.8.1-17.el7|(none)      Fri 06 May 2022 09:59:42 AM +08<br>  libsmartcols-2.23.2-65.el7_9.1|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  python-rpm-macros-3-34.el7|(none)      Fri 17 Jun 2022 02:38:55 PM +08<br>  kmod-20-28.el7|(none)      Mon 27 Mar 2023 09:46:13 AM +08<br>  avahi-libs-0.6.31-20.el7|(none)      Thu 07 Jul 2022 02:42:50 PM +08<br>  systemd-219-78.el7_9.7|(none)      Mon 27 Mar 2023 09:46:16 AM +08<br>  device-mapper-1.02.170-6.el7_9.5|7      Thu 07 Jul 2022 02:42:51 PM +08<br>  libsemanage-2.5-14.el7|(none)      Fri 06 May 2022 09:59:44 AM +08<br>  systemd-sysv-219-78.el7_9.7|(none)      Mon 27 Mar 2023 09:46:18 AM +08<br>  boost-system-1.53.0-28.el7|(none)      Thu 07 Jul 2022 02:42:51 PM +08<br>  libfastjson-0.99.4-3.el7|(none)      Fri 06 May 2022 09:59:45 AM +08<br>  cronie-1.4.11-24.el7_9|(none)      Mon 27 Mar 2023 09:46:19 AM +08<br>  iscsi-initiator-utils-6.2.0.874-22.el7_9|(none)      Thu 07 Jul 2022 02:42:53 PM +08<br>  qrencode-libs-3.4.1-3.el7|(none)      Fri 06 May 2022 09:59:45 AM +08<br>  grub2-tools-extra-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:46:21 AM +08<br>  libref_array-0.1.5-32.el7|(none)      Thu 07 Jul 2022 02:42:54 PM +08<br>  lsscsi-0.27-6.el7|(none)      Fri 06 May 2022 09:59:46 AM +08<br>  dracut-network-033-572.el7|(none)      Mon 27 Mar 2023 09:46:21 AM +08<br>  librados2-10.2.5-4.el7|1      Thu 07 Jul 2022 02:42:56 PM +08<br>  docker-ce-23.0.1-1.el7|3      Mon 27 Mar 2023 09:46:33 AM +08<br>  libverto-libevent-0.2.5-4.el7|(none)      Thu 07 Jul 2022 02:42:57 PM +08<br>  plymouth-core-libs-0.8.9-0.34.20140113.el7.centos|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  lvm2-2.02.187-6.el7_9.5|7      Thu 07 Jul 2022 02:42:59 PM +08<br>  numactl-libs-2.0.12-5.el7|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  glusterfs-api-6.0-61.el7|(none)      Thu 07 Jul 2022 02:43:01 PM +08<br>  libndp-1.2-9.el7|(none)      Mon 27 Mar 2023 09:46:36 AM +08<br>  quota-nls-4.01-19.el7|1      Thu 07 Jul 2022 02:43:03 PM +08<br>  kbd-legacy-1.15.5-16.el7_9|(none)      Mon 27 Mar 2023 09:46:37 AM +08<br>  quota-4.01-19.el7|1      Thu 07 Jul 2022 02:43:04 PM +08<br>  os-prober-1.58-9.el7|(none)      Fri 06 May 2022 09:59:51 AM +08<br>  NetworkManager-tui-1.18.8-2.el7_9|1      Mon 27 Mar 2023 09:46:38 AM +08<br>  libvirt-bash-completion-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  crontabs-1.11-6.20121102git.el7|(none)      Fri 06 May 2022 09:59:52 AM +08<br>  tuned-2.11.0-12.el7_9|(none)      Mon 27 Mar 2023 09:46:38 AM +08<br>  bridge-utils-1.5-9.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  postfix-2.10.1-9.el7|2      Mon 27 Mar 2023 09:46:40 AM +08<br>  autogen-libopts-5.18-5.el7|(none)      Thu 07 Jul 2022 02:43:06 PM +08<br>  rsyslog-8.24.0-57.el7_9.3|(none)      Mon 27 Mar 2023 09:47:04 AM +08<br>  qemu-img-1.5.3-175.el7_9.6|10      Thu 07 Jul 2022 02:43:07 PM +08<br>  libpciaccess-0.14-1.el7|(none)      Fri 06 May 2022 09:59:57 AM +08<br>  rpm-python-4.11.3-48.el7_9|(none)      Mon 27 Mar 2023 09:47:04 AM +08<br>  nfs-utils-1.3.0-0.68.el7.2|1      Thu 07 Jul 2022 02:43:08 PM +08<br>  alsa-firmware-1.0.28-2.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  python-devel-2.7.5-92.el7_9|(none)      Mon 27 Mar 2023 09:47:22 AM +08<br>  libvirt-daemon-driver-network-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  dbus-python-1.1.1-9.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  e2fsprogs-1.42.9-19.el7|(none)      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-config-network-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  iprutils-2.4.17.1-3.el7_7|(none)      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  pth-2.0.7-23.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  iwl5150-firmware-8.24.2.2-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  gpgme-1.3.2-5.el7|(none)      Fri 06 May 2022 09:59:59 AM +08<br>  iwl6000g2a-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-secret-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl3160-firmware-25.30.13.0-80.el7_9|(none)      Mon 27 Mar 2023 09:47:30 AM +08<br>  pixman-0.34.0-1.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  iwl2000-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:30 AM +08<br>  usbredir-0.7.1-3.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  fontpackages-filesystem-1.44-8.el7|(none)      Mon 27 Mar 2023 09:57:39 AM +08<br>  libX11-common-1.6.7-4.el7_9|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  dejavu-sans-fonts-2.33-6.el7|(none)      Mon 27 Mar 2023 09:57:39 AM +08<br>  authconfig-6.2.8-30.el7|(none)      Fri 06 May 2022 10:00:26 AM +08<br>  copy-jdk-configs-3.3-11.el7_9|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  xorg-x11-font-utils-7.5-21.el7|1      Mon 27 Mar 2023 09:57:41 AM +08<br>  harfbuzz-1.7.5-2.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  lksctp-tools-1.0.17-2.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  ttmkfdir-3.0.9-42.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  ncurses-5.9-14.20130511.el7_4|(none)      Fri 06 May 2022 09:59:03 AM +08<br>  tzdata-java-2022g-1.el7|(none)      Mon 27 Mar 2023 09:57:42 AM +08<br>  python-javapackages-3.4.1-11.el7|(none)      Mon 27 Mar 2023 09:57:42 AM +08<br>  filesystem-3.2-25.el7|(none)      Fri 06 May 2022 09:59:09 AM +08<br>  java-11-openjdk-headless-11.0.18.0.10-1.el7_9|1      Mon 27 Mar 2023 09:57:51 AM +08<br>  btrfs-progs-4.9.1-1.el7|(none)      Fri 06 May 2022 10:00:37 AM +08<br>  giflib-4.1.6-9.el7|(none)      Mon 27 Mar 2023 09:57:52 AM +08<br>  libsysfs-2.1.0-16.el7|(none)      Fri 06 May 2022 10:00:37 AM +08<br>  jenkins-2.387.1-1.1|(none)      Mon 27 Mar 2023 09:58:57 AM +08<br>  rootfiles-8.1-11.el7|(none)      Fri 06 May 2022 10:00:37 AM +08<br>  patch-2.7.1-12.el7_7|(none)      Tue 06 Jun 2023 10:28:12 AM +08<br>  dwz-0.11-3.el7|(none)      Tue 06 Jun 2023 02:47:19 PM +08<br>  info-5.1-5.el7|(none)      Fri 06 May 2022 09:59:13 AM +08<br>  gdb-7.6.1-120.el7|(none)      Tue 06 Jun 2023 02:47:20 PM +08<br>  libsepol-2.5-10.el7|(none)      Fri 06 May 2022 09:59:14 AM +08<br>  zip-3.0-11.el7|(none)      Tue 06 Jun 2023 02:47:21 PM +08<br>  libattr-2.4.46-13.el7|(none)      Fri 06 May 2022 09:59:14 AM +08<br>  elfutils-0.176-5.el7|(none)      Tue 06 Jun 2023 02:47:21 PM +08<br>  emacs-filesystem-24.3-23.el7|1      Tue 06 Jun 2023 02:47:29 PM +08<br>  tcpreplay-4.4.3-3.el7|(none)      Fri 16 Jun 2023 02:54:56 PM +08<br>  grep-2.20-3.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  perl-IO-Socket-IP-0.21-5.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  keyutils-libs-1.5.8-3.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  perl-Mozilla-CA-20130114-5.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  libverto-0.2.5-4.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  gpg-pubkey-f4a80eb5-53a7ff4b|(none)      Fri 06 May 2022 10:38:47 AM +08<br>  perl-HTML-Tagset-3.20-15.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  p11-kit-trust-0.23.5-3.el7|(none)      Fri 06 May 2022 09:59:15 AM +08<br>  libxml2-2.9.1-6.el7_9.6|(none)      Fri 06 May 2022 10:40:18 AM +08<br>  perl-Digest-MD5-2.52-3.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python-chardet-2.2.1-3.el7|(none)      Fri 06 May 2022 10:40:19 AM +08<br>  perl-TimeDate-2.30-2.el7|1      Tue 04 Jul 2023 02:36:58 PM +08<br>  yum-utils-1.1.31-54.el7_8|(none)      Fri 06 May 2022 10:40:19 AM +08<br>  perl-File-Listing-6.04-7.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  perl-parent-0.225-244.el7|1      Fri 06 May 2022 10:41:16 AM +08<br>  perl-Net-SSLeay-1.55-6.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  bzip2-libs-1.0.6-13.el7|(none)      Fri 06 May 2022 09:59:20 AM +08<br>  perl-podlators-2.5.1-3.el7|(none)      Fri 06 May 2022 10:41:16 AM +08<br>  perl-Business-ISBN-Data-20120719.001-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  perl-Pod-Escapes-1.04-299.el7_9|1      Fri 06 May 2022 10:41:17 AM +08<br>  perl-URI-1.60-9.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  perl-Text-ParseWords-3.29-4.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-Compress-Raw-Bzip2-2.061-3.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  libgpg-error-1.12-3.el7|(none)      Fri 06 May 2022 09:59:21 AM +08<br>  perl-macros-5.16.3-299.el7_9|4      Fri 06 May 2022 10:41:18 AM +08<br>  perl-Net-HTTP-6.06-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  perl-Exporter-5.68-3.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-LWP-MediaTypes-6.02-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  dropwatch-1.4-9.el7|(none)      Fri 17 Feb 2023 01:16:18 PM +08<br>  perl-Socket-2.010-5.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-HTTP-Cookies-6.01-5.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  lua-5.1.4-15.el7|(none)      Fri 06 May 2022 09:59:22 AM +08<br>  perl-Carp-1.26-244.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-HTTP-Negotiate-6.01-5.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  which-2.20-7.el7|(none)      Fri 06 May 2022 09:59:22 AM +08<br>  perl-PathTools-3.40-5.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-libwww-perl-6.05-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  libnl3-3.2.28-4.el7|(none)      Fri 06 May 2022 09:59:23 AM +08<br>  perl-Pod-Simple-3.28-4.el7|1      Fri 06 May 2022 10:41:18 AM +08<br>  libyaml-devel-0.1.4-11.el7_0|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  cracklib-2.9.0-11.el7|(none)      Fri 06 May 2022 09:59:23 AM +08<br>  perl-File-Path-2.09-2.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  arkime-4.3.2-1|(none)      Tue 04 Jul 2023 02:38:55 PM +08<br>  perl-threads-1.87-4.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  libnet-1.1.6-7.el7|(none)      Tue 04 Jul 2023 03:47:08 PM +08<br>  perl-libs-5.16.3-299.el7_9|4      Fri 06 May 2022 10:41:19 AM +08<br>  libprelude-5.2.0-2.el7|(none)      Tue 04 Jul 2023 03:47:08 PM +08<br>  perl-5.16.3-299.el7_9|4      Fri 06 May 2022 10:41:25 AM +08<br>  libnetfilter_queue-1.0.2-2.el7_2|(none)      Tue 04 Jul 2023 03:47:08 PM +08<br>  perl-TermReadKey-2.30-20.el7|(none)      Fri 06 May 2022 10:41:25 AM +08<br>  PyYAML-3.10-11.el7|(none)      Tue 04 Jul 2023 03:47:41 PM +08<br>  gpg-pubkey-be1229cf-5631588c|(none)      Wed 05 Jul 2023 11:28:42 AM +08<br>  libtirpc-0.2.4-0.16.el7|(none)      Fri 06 May 2022 10:41:29 AM +08<br>  libatomic-4.8.5-44.el7|(none)      Wed 05 Jul 2023 11:41:43 AM +08<br>  python3-setuptools-39.2.0-10.el7|(none)      Fri 06 May 2022 10:41:32 AM +08<br>  libnl3-cli-3.2.28-4.el7|(none)      Fri 06 May 2022 09:59:27 AM +08<br>  python3-libs-3.6.8-18.el7|(none)      Fri 06 May 2022 10:41:40 AM +08<br>  unixODBC-2.3.11-1.rh|(none)      Wed 05 Jul 2023 01:21:07 PM +08<br>  vim-filesystem-7.4.629-8.el7_9|2      Fri 06 May 2022 10:53:20 AM +08<br>  mssql-tools-17.10.1.1-1|(none)      Wed 05 Jul 2023 01:21:21 PM +08<br>  groff-base-1.22.2-8.el7|(none)      Fri 06 May 2022 09:59:27 AM +08<br>  gpm-libs-1.20.7-6.el7|(none)      Fri 06 May 2022 10:53:24 AM +08<br>  mssql-server-15.0.4316.3-2|(none)      Wed 05 Jul 2023 01:35:01 PM +08<br>  libunistring-0.9.3-9.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  telnet-0.17-66.el7|1      Fri 06 May 2022 11:35:27 AM +08<br>  gcc-c++-4.8.5-44.el7|(none)      Tue 18 Jul 2023 02:00:27 PM +08<br>  sysvinit-tools-2.88-14.dsf.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  psmisc-22.20-17.el7|(none)      Fri 06 May 2022 01:16:59 PM +08<br>  slang-2.2.4-11.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  libselinux-python3-2.5-15.el7|(none)      Mon 09 May 2022 02:23:07 PM +08<br>  libselinux-utils-2.5-15.el7|(none)      Mon 09 May 2022 02:23:08 PM +08<br>  lzo-2.06-8.el7|(none)      Fri 06 May 2022 09:59:29 AM +08<br>  wget-1.14-18.el7_6.1|(none)      Tue 10 May 2022 05:32:36 PM +08<br>  libmodman-2.0.1-8.el7|(none)      Wed 18 May 2022 03:27:50 PM +08<br>  python-decorator-3.4.0-3.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  gsettings-desktop-schemas-3.28.0-3.el7|(none)      Wed 18 May 2022 03:27:50 PM +08<br>  trousers-0.3.14-2.el7|(none)      Wed 18 May 2022 03:27:51 PM +08<br>  glib-networking-2.56.1-1.el7|(none)      Wed 18 May 2022 03:27:51 PM +08<br>  yum-metadata-parser-1.1.4-10.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  cockpit-system-195.12-1.el7.centos|(none)      Wed 18 May 2022 03:27:52 PM +08<br>  pyliblzma-0.5.3-11.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  cockpit-195.12-1.el7.centos|(none)      Wed 18 May 2022 03:27:55 PM +08<br>  python-schedutils-0.4-6.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  gpg-pubkey-621e9f35-58adea78|(none)      Wed 15 Jun 2022 02:34:45 PM +08<br>  python-ipaddress-1.0.16-2.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  pyxattr-0.5.1-5.el7|(none)      Fri 06 May 2022 09:59:34 AM +08<br>  policycoreutils-2.5-34.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  libseccomp-2.3.1-4.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  python-websocket-client-0.56.0-3.git3c25814.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  less-458-9.el7|(none)      Fri 06 May 2022 09:59:35 AM +08<br>  python-backports-1.0-8.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  python-urllib3-1.10.2-7.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  libsemanage-python-2.5-14.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  gobject-introspection-1.56.1-1.el7|(none)      Fri 06 May 2022 09:59:35 AM +08<br>  python-IPy-0.75-6.el7|(none)      Wed 15 Jun 2022 02:35:50 PM +08<br>  policycoreutils-python-2.5-34.el7|(none)      Wed 15 Jun 2022 02:35:50 PM +08<br>  fipscheck-lib-1.4.1-6.el7|(none)      Fri 06 May 2022 09:59:35 AM +08<br>  kde-l10n-4.10.5-2.el7|(none)      Thu 16 Jun 2022 01:57:36 PM +08<br>  libuser-0.60-9.el7|(none)      Fri 06 May 2022 09:59:37 AM +08<br>  tar-1.26-35.el7|2      Fri 06 May 2022 09:59:41 AM +08<br>  libedit-3.0-12.20121213cvs.el7|(none)      Fri 06 May 2022 09:59:42 AM +08<br>  python-srpm-macros-3-34.el7|(none)      Fri 17 Jun 2022 02:38:55 PM +08<br>  mozjs17-17.0.0-20.el7|(none)      Fri 06 May 2022 09:59:43 AM +08<br>  cyrus-sasl-lib-2.1.26-24.el7_9|(none)      Thu 07 Jul 2022 02:42:50 PM +08<br>  ustr-1.0.4-16.el7|(none)      Fri 06 May 2022 09:59:44 AM +08<br>  hardlink-1.0-19.el7|1      Fri 06 May 2022 09:59:45 AM +08<br>  libdaemon-0.14-7.el7|(none)      Fri 06 May 2022 09:59:45 AM +08<br>  libestr-0.1.9-2.el7|(none)      Fri 06 May 2022 09:59:46 AM +08<br>  json-c-0.11-4.el7_0|(none)      Fri 06 May 2022 09:59:46 AM +08<br>  polkit-pkla-compat-0.1-4.el7|(none)      Fri 06 May 2022 09:59:50 AM +08<br>  iputils-20160308-10.el7|(none)      Fri 06 May 2022 09:59:50 AM +08<br>  fxload-2002_04_11-16.el7|(none)      Fri 06 May 2022 09:59:57 AM +08<br>  alsa-tools-firmware-1.1.0-1.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  dbus-glib-0.100-7.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  python-slip-dbus-0.4.0-4.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  python-pyudev-0.15-9.el7|(none)      Fri 06 May 2022 09:59:58 AM +08<br>  gnupg2-2.0.22-5.el7_5|(none)      Fri 06 May 2022 09:59:59 AM +08<br>  pygpgme-0.3-9.el7|(none)      Fri 06 May 2022 09:59:59 AM +08<br>  libogg-1.3.0-7.el7|2      Thu 07 Jul 2022 02:44:00 PM +08<br>  kernel-3.10.0-957.el7|(none)      Fri 06 May 2022 10:00:21 AM +08<br>  dejavu-fonts-common-2.33-6.el7|(none)      Mon 27 Mar 2023 09:57:39 AM +08<br>  rdma-core-22.4-6.el7_9|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  librdmacm-22.4-6.el7_9|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  libxcb-1.13-1.el7|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  libXext-1.3.3-3.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  libXtst-1.2.3-1.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  libasyncns-0.8-7.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  libsndfile-1.0.25-12.el7_9.1|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  seabios-bin-1.11.0-2.el7|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  libjpeg-turbo-1.2.90-8.el7|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  seavgabios-bin-1.11.0-2.el7|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  qemu-kvm-common-1.5.3-175.el7_9.6|10      Thu 07 Jul 2022 02:44:04 PM +08<br>  libvirt-glib-1.0.0-1.el7|(none)      Thu 07 Jul 2022 03:05:26 PM +08<br>  osinfo-db-20200529-1.el7|(none)      Thu 07 Jul 2022 03:08:34 PM +08<br>  python-ipaddr-2.1.11-2.el7|(none)      Thu 07 Jul 2022 03:08:34 PM +08<br>  osinfo-db-tools-1.1.0-1.el7|(none)      Thu 07 Jul 2022 03:08:35 PM +08<br>  libusal-1.1.11-25.el7|(none)      Thu 07 Jul 2022 03:08:35 PM +08<br>  virt-manager-common-1.5.0-7.el7|(none)      Thu 07 Jul 2022 03:08:37 PM +08<br>  libssh-0.7.1-7.el7|(none)      Wed 20 Jul 2022 08:56:27 AM +08<br>  python36-six-1.14.0-3.el7|(none)      Wed 27 Jul 2022 02:32:10 PM +08<br>  python36-pysocks-1.6.8-7.el7|(none)      Wed 27 Jul 2022 02:32:10 PM +08<br>  python36-dockerpty-0.4.1-18.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  python36-cached_property-1.5.1-2.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  python36-idna-2.10-1.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  python36-requests-2.14.2-2.el7|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  python36-jsonschema-2.5.1-4.el7|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  libyaml-0.1.4-11.el7_0|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  docker-compose-1.18.0-4.el7|(none)      Wed 27 Jul 2022 02:32:13 PM +08<br>  openssh-8.6p1-1.el7.centos|(none)      Tue 08 Nov 2022 05:24:34 PM +08<br>  openssh-server-8.6p1-1.el7.centos|(none)      Tue 08 Nov 2022 05:24:34 PM +08<br>  bash-4.2.46-35.el7_9|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  xz-libs-5.2.2-2.el7_9|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  nss-util-3.79.0-1.el7_9|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  libacl-2.2.51-15.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  libcap-2.22-11.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  sed-4.2.2-7.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  readline-6.2-11.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  chkconfig-1.7.6-1.el7|(none)      Mon 27 Mar 2023 09:45:24 AM +08<br>  cpio-2.11-28.el7|(none)      Mon 27 Mar 2023 09:45:24 AM +08<br>  xz-5.2.2-2.el7_9|(none)      Mon 27 Mar 2023 09:45:24 AM +08<br>  file-5.11-37.el7|(none)      Mon 27 Mar 2023 09:45:25 AM +08<br>  iproute-4.11.0-30.el7|(none)      Mon 27 Mar 2023 09:45:25 AM +08<br>  diffutils-3.3-6.el7_9|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  ethtool-4.8-10.el7|2      Mon 27 Mar 2023 09:45:26 AM +08<br>  lz4-1.8.3-1.el7|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  grub2-pc-modules-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:45:27 AM +08<br>  bc-1.06.95-13.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  libss-1.42.9-19.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  vim-minimal-7.4.629-8.el7_9|2      Mon 27 Mar 2023 09:45:27 AM +08<br>  nss-softokn-freebl-3.79.0-4.el7_9|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  kmod-libs-20-28.el7|(none)      Mon 27 Mar 2023 09:45:28 AM +08<br>  freetype-2.8-14.el7_9.1|(none)      Mon 27 Mar 2023 09:45:28 AM +08<br>  docker-compose-plugin-2.16.0-1.el7|0      Mon 27 Mar 2023 09:45:31 AM +08<br>  linux-firmware-20200421-80.git78c0348.el7_9|(none)      Mon 27 Mar 2023 09:45:50 AM +08<br>  ca-certificates-2022.2.54-74.el7_9|(none)      Mon 27 Mar 2023 09:45:51 AM +08<br>  coreutils-8.22-24.el7_9.2|(none)      Mon 27 Mar 2023 09:45:55 AM +08<br>  pam-1.1.8-23.el7|(none)      Mon 27 Mar 2023 09:45:56 AM +08<br>  shadow-utils-4.6-5.el7|2      Mon 27 Mar 2023 09:45:57 AM +08<br>  python-2.7.5-92.el7_9|(none)      Mon 27 Mar 2023 09:45:59 AM +08<br>  glib2-2.56.1-9.el7_9|(none)      Mon 27 Mar 2023 09:46:00 AM +08<br>  gzip-1.5-11.el7_9|(none)      Mon 27 Mar 2023 09:46:01 AM +08<br>  gettext-libs-0.19.8.1-3.el7|(none)      Mon 27 Mar 2023 09:46:01 AM +08<br>  grub2-tools-minimal-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:46:01 AM +08<br>  python-firewall-0.6.3-13.el7_9|(none)      Mon 27 Mar 2023 09:46:02 AM +08<br>  python-linux-procfs-0.4.11-4.el7|(none)      Mon 27 Mar 2023 09:46:02 AM +08<br>  grubby-8.28-26.el7|(none)      Mon 27 Mar 2023 09:46:04 AM +08<br>  bind-export-libs-9.11.4-26.P2.el7_9.13|32      Mon 27 Mar 2023 09:46:05 AM +08<br>  nss-pem-1.0.3-7.el7|(none)      Mon 27 Mar 2023 09:46:05 AM +08<br>  nss-3.79.0-5.el7_9|(none)      Mon 27 Mar 2023 09:46:05 AM +08<br>  audit-2.8.5-4.el7|(none)      Wed 15 Jun 2022 02:36:49 PM +08<br>  selinux-policy-3.13.1-268.el7_9.2|(none)      Mon 27 Mar 2023 09:46:06 AM +08<br>  mariadb-libs-5.5.68-1.el7|1      Mon 27 Mar 2023 09:46:08 AM +08<br>  gpg-pubkey-352c64e5-52ae6884|(none)      Thu 16 Jun 2022 02:53:06 PM +08<br>  libcurl-7.29.0-59.el7_9.1|(none)      Mon 27 Mar 2023 09:46:08 AM +08<br>  python2-pip-8.1.2-14.el7|(none)      Thu 16 Jun 2022 03:06:04 PM +08<br>  rpm-libs-4.11.3-48.el7_9|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  glibc-common-2.17-326.el7_9|(none)      Fri 17 Jun 2022 02:37:53 PM +08<br>  openldap-2.4.44-25.el7_9|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  mpfr-3.1.1-4.el7|(none)      Fri 17 Jun 2022 02:37:57 PM +08<br>  geoipupdate-2.5.0-1.el7|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  cpp-4.8.5-44.el7|(none)      Fri 17 Jun 2022 02:37:59 PM +08<br>  kbd-misc-1.15.5-16.el7_9|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  fuse-overlayfs-0.7.2-6.el7_8|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  glibc-devel-2.17-326.el7_9|(none)      Fri 17 Jun 2022 02:38:02 PM +08<br>  bind-license-9.11.4-26.P2.el7_9.13|32      Mon 27 Mar 2023 09:46:11 AM +08<br>  dmidecode-3.2-5.el7_9.1|1      Mon 27 Mar 2023 09:46:11 AM +08<br>  procps-ng-3.3.10-28.el7|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  python2-rpm-macros-3-34.el7|(none)      Fri 17 Jun 2022 02:38:55 PM +08<br>  dracut-033-572.el7|(none)      Mon 27 Mar 2023 09:46:13 AM +08<br>  elfutils-libs-0.176-5.el7|(none)      Mon 27 Mar 2023 09:46:13 AM +08<br>  yajl-2.0.4-4.el7|(none)      Thu 07 Jul 2022 02:42:50 PM +08<br>  dbus-libs-1.10.24-15.el7|1      Mon 27 Mar 2023 09:46:13 AM +08<br>  device-mapper-libs-1.02.170-6.el7_9.5|7      Thu 07 Jul 2022 02:42:50 PM +08<br>  dbus-1.10.24-15.el7|1      Mon 27 Mar 2023 09:46:17 AM +08<br>  libaio-0.3.109-13.el7|(none)      Thu 07 Jul 2022 02:42:51 PM +08<br>  initscripts-9.49.53-1.el7_9.1|(none)      Mon 27 Mar 2023 09:46:17 AM +08<br>  libevent-2.0.21-4.el7|(none)      Thu 07 Jul 2022 02:42:51 PM +08<br>  wpa_supplicant-2.6-12.el7_9.2|1      Mon 27 Mar 2023 09:46:18 AM +08<br>  boost-thread-1.53.0-28.el7|(none)      Thu 07 Jul 2022 02:42:51 PM +08<br>  cronie-anacron-1.4.11-24.el7_9|(none)      Mon 27 Mar 2023 09:46:19 AM +08<br>  iscsi-initiator-utils-iscsiuio-6.2.0.874-22.el7_9|(none)      Thu 07 Jul 2022 02:42:53 PM +08<br>  NetworkManager-libnm-1.18.8-2.el7_9|1      Mon 27 Mar 2023 09:46:20 AM +08<br>  libpcap-1.5.3-13.el7_9|14      Thu 07 Jul 2022 02:42:54 PM +08<br>  grub2-tools-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:46:20 AM +08<br>  boost-random-1.53.0-28.el7|(none)      Thu 07 Jul 2022 02:42:54 PM +08<br>  grub2-pc-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:46:21 AM +08<br>  rpcbind-0.2.0-49.el7|(none)      Thu 07 Jul 2022 02:42:54 PM +08<br>  dhclient-4.2.5-83.el7.centos.1|12      Mon 27 Mar 2023 09:46:21 AM +08<br>  boost-iostreams-1.53.0-28.el7|(none)      Thu 07 Jul 2022 02:42:55 PM +08<br>  libdrm-2.4.97-2.el7|(none)      Mon 27 Mar 2023 09:46:21 AM +08<br>  librbd1-10.2.5-4.el7|1      Thu 07 Jul 2022 02:42:57 PM +08<br>  docker-ce-rootless-extras-23.0.1-1.el7|0      Mon 27 Mar 2023 09:46:28 AM +08<br>  gnutls-dane-3.3.29-9.el7_6|(none)      Thu 07 Jul 2022 02:42:57 PM +08<br>  rsync-3.1.2-12.el7_9|(none)      Mon 27 Mar 2023 09:46:33 AM +08<br>  device-mapper-event-1.02.170-6.el7_9.5|7      Thu 07 Jul 2022 02:42:57 PM +08<br>  git-1.8.3.1-24.el7_9|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  device-mapper-persistent-data-0.8.5-3.el7_9.2|(none)      Thu 07 Jul 2022 02:42:58 PM +08<br>  plymouth-scripts-0.8.9-0.34.20140113.el7.centos|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  glusterfs-client-xlators-6.0-61.el7|(none)      Thu 07 Jul 2022 02:43:00 PM +08<br>  virt-what-1.18-4.el7_9.1|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  glusterfs-6.0-61.el7|(none)      Thu 07 Jul 2022 02:43:01 PM +08<br>  libteam-1.29-3.el7|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  cyrus-sasl-2.1.26-24.el7_9|(none)      Thu 07 Jul 2022 02:43:01 PM +08<br>  kernel-tools-libs-3.10.0-1160.88.1.el7|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  libvirt-libs-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:03 PM +08<br>  NetworkManager-1.18.8-2.el7_9|1      Mon 27 Mar 2023 09:46:36 AM +08<br>  libxslt-1.1.28-6.el7|(none)      Thu 07 Jul 2022 02:43:04 PM +08<br>  ipset-7.1-1.el7|(none)      Mon 27 Mar 2023 09:46:36 AM +08<br>  tcp_wrappers-7.6-77.el7|(none)      Thu 07 Jul 2022 02:43:04 PM +08<br>  kbd-1.15.5-16.el7_9|(none)      Mon 27 Mar 2023 09:46:37 AM +08<br>  libiscsi-1.9.0-7.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  NetworkManager-wifi-1.18.8-2.el7_9|1      Mon 27 Mar 2023 09:46:38 AM +08<br>  fuse-libs-2.9.2-11.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  NetworkManager-team-1.18.8-2.el7_9|1      Mon 27 Mar 2023 09:46:38 AM +08<br>  dnsmasq-2.76-17.el7_9.3|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  irqbalance-1.0.7-12.el7|3      Mon 27 Mar 2023 09:46:38 AM +08<br>  libnfsidmap-0.25-19.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  kexec-tools-2.0.15-51.el7_9.3|(none)      Mon 27 Mar 2023 09:46:39 AM +08<br>  netcf-libs-0.2.8-4.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  sysstat-10.1.5-20.el7_9|(none)      Mon 27 Mar 2023 09:46:39 AM +08<br>  radvd-2.17-3.el7|(none)      Thu 07 Jul 2022 02:43:06 PM +08<br>  kernel-3.10.0-1160.88.1.el7|(none)      Mon 27 Mar 2023 09:46:47 AM +08<br>  gnutls-utils-3.3.29-9.el7_6|(none)      Thu 07 Jul 2022 02:43:06 PM +08<br>  microcode_ctl-2.1-73.15.el7_9|2      Mon 27 Mar 2023 09:46:53 AM +08<br>  gperftools-libs-2.6.1-1.el7|(none)      Thu 07 Jul 2022 02:43:07 PM +08<br>  biosdevname-0.7.3-2.el7|(none)      Mon 27 Mar 2023 09:47:04 AM +08<br>  libpath_utils-0.2.1-32.el7|(none)      Thu 07 Jul 2022 02:43:07 PM +08<br>  bind-libs-lite-9.11.4-26.P2.el7_9.13|32      Mon 27 Mar 2023 09:47:04 AM +08<br>  gssproxy-0.7.0-30.el7_9|(none)      Thu 07 Jul 2022 02:43:07 PM +08<br>  sudo-1.8.23-10.el7_9.3|(none)      Mon 27 Mar 2023 09:47:05 AM +08<br>  numad-0.5-18.20150602git.el7|(none)      Thu 07 Jul 2022 02:43:08 PM +08<br>  passwd-0.79-6.el7|(none)      Mon 27 Mar 2023 09:47:21 AM +08<br>  libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  python-urlgrabber-3.10-10.el7|(none)      Mon 27 Mar 2023 09:47:22 AM +08<br>  libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  xfsprogs-4.5.0-22.el7|(none)      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-driver-lxc-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  openssl-1.0.2k-26.el7_9|1      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-driver-qemu-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  epel-release-7-14|(none)      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl1000-firmware-39.31.5.1-80.el7_9|1      Mon 27 Mar 2023 09:47:24 AM +08<br>  libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  yum-plugin-fastestmirror-1.1.31-54.el7_8|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl135-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-storage-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl2030-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-interface-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  kernel-headers-3.10.0-1160.88.1.el7|(none)      Mon 27 Mar 2023 09:47:28 AM +08<br>  libvirt-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  tzdata-2022g-1.el7|(none)      Mon 27 Mar 2023 09:47:29 AM +08<br>  iwl6050-firmware-41.28.5.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:30 AM +08<br>  libusbx-1.0.21-1.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  iwl5000-firmware-8.83.5.1_1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:30 AM +08<br>  libSM-1.2.2-2.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  iwl105-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:31 AM +08<br>  libvorbis-1.3.3-8.el7.1|1      Thu 07 Jul 2022 02:44:01 PM +08<br>  iwl4965-firmware-228.61.2.24-80.el7_9|(none)      Mon 27 Mar 2023 09:47:31 AM +08<br>  celt051-0.5.1.3-8.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  pciutils-3.5.1-3.el7|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  libfontenc-1.1.3-3.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  libXau-1.0.8-2.1.el7|(none)      Thu 07 Jul 2022 02:44:02 PM +08<br>  pcsc-lite-libs-1.8.8-8.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  libXi-1.7.9-1.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  xorg-x11-fonts-Type1-7.5-9.el7|(none)      Mon 27 Mar 2023 09:57:41 AM +08<br>  gsm-1.0.13-11.el7|(none)      Thu 07 Jul 2022 02:44:03 PM +08<br>  man-db-2.6.3-11.el7|(none)      Fri 06 May 2022 10:00:35 AM +08<br>  javapackages-tools-3.4.1-11.el7|(none)      Mon 27 Mar 2023 09:57:42 AM +08<br>  opus-1.0.2-6.el7|(none)      Thu 07 Jul 2022 02:44:04 PM +08<br>  java-11-openjdk-11.0.18.0.10-1.el7_9|1      Mon 27 Mar 2023 09:57:53 AM +08<br>  sgabios-bin-0.20110622svn-4.el7|1      Thu 07 Jul 2022 02:44:04 PM +08<br>  popt-1.13-16.el7|(none)      Fri 06 May 2022 09:59:13 AM +08<br>  perl-srpm-macros-1-8.el7|(none)      Tue 06 Jun 2023 02:47:19 PM +08<br>  libvirt-dbus-1.3.0-1.el7|(none)      Thu 07 Jul 2022 03:05:27 PM +08<br>  gawk-4.0.2-4.el7_3.1|(none)      Fri 06 May 2022 09:59:14 AM +08<br>  perl-Thread-Queue-3.02-2.el7|(none)      Tue 06 Jun 2023 02:47:20 PM +08<br>  libarchive-3.1.2-14.el7_7|(none)      Thu 07 Jul 2022 03:08:35 PM +08<br>  rpm-build-4.11.3-48.el7_9|(none)      Tue 06 Jun 2023 02:47:21 PM +08<br>  genisoimage-1.1.11-25.el7|(none)      Thu 07 Jul 2022 03:08:36 PM +08<br>  ivtv-firmware-20080701-26.el7|2      Fri 06 May 2022 10:00:41 AM +08<br>  perl-Compress-Raw-Zlib-2.061-4.el7|1      Tue 04 Jul 2023 02:36:58 PM +08<br>  gmp-6.0.0-15.el7|1      Fri 06 May 2022 09:59:15 AM +08<br>  perl-Encode-Locale-1.03-5.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-urllib3-1.25.6-2.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  perl-Net-LibIDN-0.12-15.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-docopt-0.6.2-8.el7|(none)      Wed 27 Jul 2022 02:32:11 PM +08<br>  python-kitchen-1.1.1-5.el7|(none)      Fri 06 May 2022 10:40:19 AM +08<br>  perl-IO-HTML-1.00-2.el7|(none)      Tue 04 Jul 2023 02:36:58 PM +08<br>  python36-docker-2.6.1-3.el7|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  perl-HTTP-Tiny-0.033-3.el7|(none)      Fri 06 May 2022 10:41:16 AM +08<br>  perl-Business-ISBN-2.06-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  python36-PyYAML-3.13-1.el7|(none)      Wed 27 Jul 2022 02:32:12 PM +08<br>  perl-Encode-2.51-7.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-IO-Compress-2.061-2.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  openssh-clients-8.6p1-1.el7.centos|(none)      Tue 08 Nov 2022 05:24:34 PM +08<br>  perl-Time-HiRes-1.9725-3.el7|4      Fri 06 May 2022 10:41:18 AM +08<br>  libgcrypt-1.5.3-14.el7|(none)      Fri 06 May 2022 09:59:22 AM +08<br>  perl-HTTP-Message-6.06-6.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  gpg-pubkey-45f2c3d5-5e81efb9|(none)      Mon 27 Mar 2023 09:41:41 AM +08<br>  perl-Time-Local-1.2300-2.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  findutils-4.5.11-6.el7|1      Fri 06 May 2022 09:59:22 AM +08<br>  perl-HTTP-Daemon-6.01-8.el7|(none)      Tue 04 Jul 2023 02:36:59 PM +08<br>  nspr-4.34.0-3.1.el7_9|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-Scalar-List-Utils-1.27-248.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  perl-JSON-2.59-2.el7|(none)      Tue 04 Jul 2023 02:37:00 PM +08<br>  libcom_err-1.42.9-19.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-threads-shared-1.43-6.el7|(none)      Fri 06 May 2022 10:41:18 AM +08<br>  libtool-ltdl-2.4.2-22.el7_3|(none)      Tue 04 Jul 2023 03:47:08 PM +08<br>  elfutils-libelf-0.176-5.el7|(none)      Mon 27 Mar 2023 09:45:23 AM +08<br>  perl-Getopt-Long-2.40-3.el7|(none)      Fri 06 May 2022 10:41:19 AM +08<br>  libmnl-1.0.3-7.el7|(none)      Fri 06 May 2022 09:59:24 AM +08<br>  suricata-4.1.10-1.el7|(none)      Tue 04 Jul 2023 03:47:09 PM +08<br>  grub2-common-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:45:24 AM +08<br>  libsss_nss_idmap-1.16.5-10.el7_9.15|(none)      Wed 05 Jul 2023 11:41:43 AM +08<br>  file-libs-5.11-37.el7|(none)      Mon 27 Mar 2023 09:45:25 AM +08<br>  python3-pip-9.0.3-8.el7|(none)      Fri 06 May 2022 10:41:32 AM +08<br>  libpwquality-1.2.3-5.el7|(none)      Fri 06 May 2022 09:59:27 AM +08<br>  sqlite-3.7.17-8.el7_7.1|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  sshpass-1.06-2.el7|(none)      Fri 06 May 2022 10:41:40 AM +08<br>  unixODBC-devel-2.3.11-1.rh|(none)      Wed 05 Jul 2023 01:21:21 PM +08<br>  libstdc++-4.8.5-44.el7|(none)      Mon 27 Mar 2023 09:45:26 AM +08<br>  vim-enhanced-7.4.629-8.el7_9|2      Fri 06 May 2022 10:53:24 AM +08<br>  libidn-1.28-4.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  setup-2.8.71-11.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  net-tools-2.0-0.25.20131004git.el7|(none)      Fri 06 May 2022 11:36:07 AM +08<br>  libnfnetlink-1.0.1-4.el7|(none)      Fri 06 May 2022 09:59:28 AM +08<br>  e2fsprogs-libs-1.42.9-19.el7|(none)      Mon 27 Mar 2023 09:45:27 AM +08<br>  libselinux-python-2.5-15.el7|(none)      Mon 09 May 2022 02:23:07 PM +08<br>  tcp_wrappers-libs-7.6-77.el7|(none)      Fri 06 May 2022 09:59:29 AM +08<br>  nss-softokn-3.79.0-4.el7_9|(none)      Mon 27 Mar 2023 09:45:28 AM +08<br>  json-glib-1.4.2-2.el7|(none)      Wed 18 May 2022 03:27:50 PM +08<br>  docker-scan-plugin-0.23.0-3.el7|0      Mon 27 Mar 2023 09:45:29 AM +08<br>  nettle-2.7.1-9.el7_9|(none)      Wed 18 May 2022 03:27:50 PM +08<br>  pciutils-libs-3.5.1-3.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  make-3.82-24.el7|1      Mon 27 Mar 2023 09:45:51 AM +08<br>  cockpit-bridge-195.12-1.el7.centos|(none)      Wed 18 May 2022 03:27:52 PM +08<br>  krb5-libs-1.15.1-55.el7_9|(none)      Mon 27 Mar 2023 09:45:56 AM +08<br>  Nessus-10.1.2-es6|(none)      Thu 19 May 2022 10:10:21 AM +08<br>  python-configobj-4.7.2-7.el7|(none)      Fri 06 May 2022 09:59:33 AM +08<br>  python-libs-2.7.5-92.el7_9|(none)      Mon 27 Mar 2023 09:45:59 AM +08<br>  audit-libs-2.8.5-4.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  libnetfilter_conntrack-1.0.6-1.el7_3|(none)      Fri 06 May 2022 09:59:34 AM +08<br>  shared-mime-info-1.8-5.el7|(none)      Mon 27 Mar 2023 09:46:00 AM +08<br>  audit-libs-python-2.8.5-4.el7|(none)      Wed 15 Jun 2022 02:35:48 PM +08<br>  gettext-0.19.8.1-3.el7|(none)      Mon 27 Mar 2023 09:46:01 AM +08<br>  python-backports-ssl_match_hostname-3.5.0.1-1.el7|(none)      Wed 15 Jun 2022 02:35:49 PM +08<br>  python-perf-3.10.0-1160.88.1.el7|(none)      Mon 27 Mar 2023 09:46:02 AM +08<br>  setools-libs-3.3.8-4.el7|(none)      Wed 15 Jun 2022 02:35:50 PM +08<br>  python-gobject-base-3.22.0-1.el7_4.1|(none)      Fri 06 May 2022 09:59:35 AM +08<br>  cryptsetup-libs-2.0.3-6.el7|(none)      Mon 27 Mar 2023 09:46:04 AM +08<br>  container-selinux-2.119.2-1.911c772.el7_8|2      Wed 15 Jun 2022 02:35:50 PM +08<br>  fipscheck-1.4.1-6.el7|(none)      Fri 06 May 2022 09:59:35 AM +08<br>  nss-sysinit-3.79.0-5.el7_9|(none)      Mon 27 Mar 2023 09:46:05 AM +08<br>  python-docker-py-1.10.6-11.el7|1      Wed 15 Jun 2022 02:36:49 PM +08<br>  binutils-2.27-44.base.el7_9.1|(none)      Mon 27 Mar 2023 09:46:08 AM +08<br>  kde-l10n-Chinese-4.10.5-2.el7|(none)      Thu 16 Jun 2022 01:57:38 PM +08<br>  curl-7.29.0-59.el7_9.1|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  libgcc-4.8.5-44.el7|(none)      Fri 17 Jun 2022 02:37:49 PM +08<br>  rpm-build-libs-4.11.3-48.el7_9|(none)      Mon 27 Mar 2023 09:46:09 AM +08<br>  libmpc-1.0.1-3.el7|(none)      Fri 17 Jun 2022 02:37:57 PM +08<br>  fuse3-libs-3.6.1-4.el7|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  glibc-headers-2.17-326.el7_9|(none)      Fri 17 Jun 2022 02:38:02 PM +08<br>  firewalld-filesystem-0.6.3-13.el7_9|(none)      Mon 27 Mar 2023 09:46:11 AM +08<br>  snappy-1.1.0-3.el7|(none)      Fri 06 May 2022 09:59:42 AM +08<br>  util-linux-2.23.2-65.el7_9.1|(none)      Mon 27 Mar 2023 09:46:13 AM +08<br>  systemd-libs-219-78.el7_9.7|(none)      Mon 27 Mar 2023 09:46:13 AM +08<br>  glusterfs-libs-6.0-61.el7|(none)      Thu 07 Jul 2022 02:42:50 PM +08<br>  elfutils-default-yama-scope-0.176-5.el7|(none)      Mon 27 Mar 2023 09:46:17 AM +08<br>  device-mapper-event-libs-1.02.170-6.el7_9.5|7      Thu 07 Jul 2022 02:42:51 PM +08<br>  libutempter-1.1.6-4.el7|(none)      Fri 06 May 2022 09:59:45 AM +08<br>  polkit-0.112-26.el7_9.1|(none)      Mon 27 Mar 2023 09:46:18 AM +08<br>  unbound-libs-1.6.6-5.el7_8|(none)      Thu 07 Jul 2022 02:42:51 PM +08<br>  dhcp-libs-4.2.5-83.el7.centos.1|12      Mon 27 Mar 2023 09:46:20 AM +08<br>  libcollection-0.7.0-32.el7|(none)      Thu 07 Jul 2022 02:42:54 PM +08<br>  libpipeline-1.2.3-3.el7|(none)      Fri 06 May 2022 09:59:45 AM +08<br>  dhcp-common-4.2.5-83.el7.centos.1|12      Mon 27 Mar 2023 09:46:21 AM +08<br>  libbasicobjects-0.1.1-32.el7|(none)      Thu 07 Jul 2022 02:42:55 PM +08<br>  containerd.io-1.6.19-3.1.el7|(none)      Mon 27 Mar 2023 09:46:27 AM +08<br>  nmap-ncat-6.40-19.el7|2      Thu 07 Jul 2022 02:42:57 PM +08<br>  perl-Git-1.8.3.1-24.el7_9|(none)      Mon 27 Mar 2023 09:46:33 AM +08<br>  lvm2-libs-2.02.187-6.el7_9.5|7      Thu 07 Jul 2022 02:42:58 PM +08<br>  plymouth-0.8.9-0.34.20140113.el7.centos|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  glusterfs-cli-6.0-61.el7|(none)      Thu 07 Jul 2022 02:43:00 PM +08<br>  teamd-1.29-3.el7|(none)      Mon 27 Mar 2023 09:46:35 AM +08<br>  cyrus-sasl-gssapi-2.1.26-24.el7_9|(none)      Thu 07 Jul 2022 02:43:01 PM +08<br>  ipset-libs-7.1-1.el7|(none)      Mon 27 Mar 2023 09:46:36 AM +08<br>  augeas-libs-1.4.0-10.el7|(none)      Thu 07 Jul 2022 02:43:04 PM +08<br>  firewalld-0.6.3-13.el7_9|(none)      Mon 27 Mar 2023 09:46:37 AM +08<br>  lzop-1.03-10.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  kernel-tools-3.10.0-1160.88.1.el7|(none)      Mon 27 Mar 2023 09:46:38 AM +08<br>  keyutils-1.5.8-3.el7|(none)      Thu 07 Jul 2022 02:43:05 PM +08<br>  grub2-2.02-0.87.0.2.el7.centos.11|1      Mon 27 Mar 2023 09:46:39 AM +08<br>  bzip2-1.0.6-13.el7|(none)      Thu 07 Jul 2022 02:43:06 PM +08<br>  hwdata-0.252-9.7.el7|(none)      Mon 27 Mar 2023 09:46:51 AM +08<br>  libvirt-client-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:06 PM +08<br>  dracut-config-rescue-033-572.el7|(none)      Mon 27 Mar 2023 09:47:04 AM +08<br>  libini_config-1.3.1-32.el7|(none)      Thu 07 Jul 2022 02:43:07 PM +08<br>  ebtables-2.0.10-16.el7|(none)      Fri 06 May 2022 09:59:57 AM +08<br>  selinux-policy-targeted-3.13.1-268.el7_9.2|(none)      Mon 27 Mar 2023 09:47:07 AM +08<br>  libvirt-daemon-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:09 PM +08<br>  parted-3.1-32.el7|(none)      Mon 27 Mar 2023 09:47:22 AM +08<br>  libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:10 PM +08<br>  alsa-lib-1.1.8-1.el7|(none)      Mon 27 Mar 2023 09:47:23 AM +08<br>  libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl7260-firmware-25.30.13.0-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl3945-firmware-15.32.2.9-80.el7_9|(none)      Mon 27 Mar 2023 09:47:27 AM +08<br>  libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.5|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl100-firmware-39.31.5.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:28 AM +08<br>  cockpit-machines-195.12-1.el7.centos|(none)      Thu 07 Jul 2022 02:43:11 PM +08<br>  iwl6000g2b-firmware-18.168.6.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:30 AM +08<br>  libICE-1.0.9-9.el7|(none)      Thu 07 Jul 2022 02:44:01 PM +08<br>  iwl6000-firmware-9.221.4.1-80.el7_9|(none)      Mon 27 Mar 2023 09:47:31 AM +08<br>  flac-libs-1.3.0-5.el7_1|(none)      Thu 07 Jul 2022 02:44:01 PM +08<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418928152" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418928152-container');" onmouseover="this.style.cursor='pointer'">42822 - Strict Transport Security (STS) Detection<div id="idp45188418928152-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418928152-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security (STS).<br>The goal of STS is to make sure that a user does not accidentally downgrade the security of his or her browser.<br> <br>All unencrypted HTTP connections are redirected to HTTPS.  The browser is expected to treat all cookies as 'secure' and to close the connection in the event of potentially insecure situations.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418931992" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?2fb3aca6" target="_blank">http://www.nessus.org/u?2fb3aca6</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2009/11/16, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The STS header line is :<br> <br>Strict-Transport-Security: max-age=31536000; includeSubdomains<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418938520" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418938520-container');" onmouseover="this.style.cursor='pointer'">42822 - Strict Transport Security (STS) Detection<div id="idp45188418938520-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418938520-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security (STS).<br>The goal of STS is to make sure that a user does not accidentally downgrade the security of his or her browser.<br> <br>All unencrypted HTTP connections are redirected to HTTPS.  The browser is expected to treat all cookies as 'secure' and to close the connection in the event of potentially insecure situations.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418942360" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?2fb3aca6" target="_blank">http://www.nessus.org/u?2fb3aca6</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2009/11/16, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The STS header line is :<br> <br>Strict-Transport-Security: max-age=63072000<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418965272" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418965272-container');" onmouseover="this.style.cursor='pointer'">42822 - Strict Transport Security (STS) Detection<div id="idp45188418965272-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418965272-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server implements Strict Transport Security (STS).<br>The goal of STS is to make sure that a user does not accidentally downgrade the security of his or her browser.<br> <br>All unencrypted HTTP connections are redirected to HTTPS.  The browser is expected to treat all cookies as 'secure' and to close the connection in the event of potentially insecure situations.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418969112" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?2fb3aca6" target="_blank">http://www.nessus.org/u?2fb3aca6</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2009/11/16, Modified: 2019/11/22<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The STS header line is :<br> <br>Strict-Transport-Security: max-age=31536000<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418975640" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418975640-container');" onmouseover="this.style.cursor='pointer'">35351 - System Information Enumeration (via DMI)<div id="idp45188418975640-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418975640-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Information about the remote system's hardware can be read.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the SMBIOS (aka DMI) interface, it was possible to retrieve information about the remote system's hardware, such as its product name and serial number.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2009/01/12, Modified: 2016/08/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Chassis Information<br>  Serial Number : None<br>  Version       : N/A<br>  Manufacturer  : No Enclosure<br>  Lock          : Not Present<br>  Type          : Other<br> <br>System Information<br>  Serial Number : VMware-42 1b 43 57 8f 63 77 c0-df 52 fe 52 f4 3e e3 e6<br>  Version       : None<br>  Manufacturer  : VMware, Inc.<br>  Product Name  : VMware Virtual Platform<br>  Family        : Not Specified<br> <div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188418986008" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418986008-container');" onmouseover="this.style.cursor='pointer'">25220 - TCP/IP Timestamps Supported<div id="idp45188418986008-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418986008-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service implements TCP timestamps.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host implements TCP timestamps, as defined by RFC1323.  A side effect of this feature is that the uptime of the remote host can sometimes be computed.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188418989080" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.ietf.org/rfc/rfc1323.txt" target="_blank">http://www.ietf.org/rfc/rfc1323.txt</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2007/05/16, Modified: 2019/03/06<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188418994328" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188418994328-container');" onmouseover="this.style.cursor='pointer'">84821 - TLS ALPN Supported Protocol Enumeration<div id="idp45188418994328-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188418994328-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the TLS ALPN extension.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the TLS ALPN extension. This plugin enumerates the protocols the extension supports.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419001496" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc7301" target="_blank">https://tools.ietf.org/html/rfc7301</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2015/07/17, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  http/1.1<br>  h2<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419007640" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419007640-container');" onmouseover="this.style.cursor='pointer'">87242 - TLS NPN Supported Protocol Enumeration<div id="idp45188419007640-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419007640-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the TLS NPN extension.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host supports the TLS NPN (Transport Layer Security Next Protocol Negotiation) extension. This plugin enumerates the protocols the extension supports.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419010712" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/id/draft-agl-tls-nextprotoneg-03.html" target="_blank">https://tools.ietf.org/id/draft-agl-tls-nextprotoneg-03.html</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2015/12/08, Modified: 2023/07/10<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>NPN Supported Protocols: <br> <br>  h2<br>  http/1.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419017368" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419017368-container');" onmouseover="this.style.cursor='pointer'">62564 - TLS Next Protocols Supported<div id="idp45188419017368-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419017368-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service advertises one or more protocols as being supported over TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">This script detects which protocols are advertised by the remote service to be encapsulated by TLS connections.<br> <br>Note that Nessus did not attempt to negotiate TLS sessions with the protocols shown.  The remote service may be falsely advertising these protocols and / or failing to advertise other supported protocols.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419020952" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04" target="_blank">https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://technotes.googlecode.com/git/nextprotoneg.html" target="_blank">https://technotes.googlecode.com/git/nextprotoneg.html</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2012/10/16, Modified: 2022/04/11<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The target advertises that the following protocols are<br>supported over SSL / TLS:<br> <br>  h2<br>  http/1.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419041048" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419041048-container');" onmouseover="this.style.cursor='pointer'">121010 - TLS Version 1.1 Protocol Detection<div id="idp45188419041048-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419041048-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using an older version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.1.<br>TLS 1.1 lacks support for current and recommended cipher suites.<br>Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1<br> <br>As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419045144" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00" target="_blank">https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00</a></td></tr>
<tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.nessus.org/u?c8ae820d" target="_blank">http://www.nessus.org/u?c8ae820d</a></td></tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188419053720" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1"><a href="http://cwe.mitre.org/data/definitions/327" target="_blank">CWE:327</a></td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2019/01/08, Modified: 2023/04/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.1 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419058072" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419058072-container');" onmouseover="this.style.cursor='pointer'">136318 - TLS Version 1.2 Protocol Detection<div id="idp45188419058072-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419058072-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using a version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.2.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419061144" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc5246" target="_blank">https://tools.ietf.org/html/rfc5246</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">N/A<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/05/04, Modified: 2020/05/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/3443/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.2 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419079192" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419079192-container');" onmouseover="this.style.cursor='pointer'">136318 - TLS Version 1.2 Protocol Detection<div id="idp45188419079192-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419079192-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using a version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.2.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419082264" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc5246" target="_blank">https://tools.ietf.org/html/rfc5246</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">N/A<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/05/04, Modified: 2020/05/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.2 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419088024" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419088024-container');" onmouseover="this.style.cursor='pointer'">136318 - TLS Version 1.2 Protocol Detection<div id="idp45188419088024-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419088024-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using a version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.2.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419091096" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc5246" target="_blank">https://tools.ietf.org/html/rfc5246</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">N/A<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/05/04, Modified: 2020/05/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/8834/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.2 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419096856" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419096856-container');" onmouseover="this.style.cursor='pointer'">136318 - TLS Version 1.2 Protocol Detection<div id="idp45188419096856-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419096856-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service encrypts traffic using a version of TLS.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote service accepts connections encrypted using TLS 1.2.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419099928" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://tools.ietf.org/html/rfc5246" target="_blank">https://tools.ietf.org/html/rfc5246</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">N/A<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/05/04, Modified: 2020/05/04<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">TLSv1.2 is enabled and the server supports at least one cipher.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419117976" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419117976-container');" onmouseover="this.style.cursor='pointer'">141118 - Target Credential Status by Authentication Protocol - Valid Credentials Provided<div id="idp45188419117976-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419117976-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Valid credentials were provided for an available authentication protocol.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to determine that valid credentials were provided for an authentication protocol available on the remote target because it was able to successfully authenticate directly to the remote target using that authentication protocol at least once. Authentication was successful because the authentication protocol service was available remotely, the service was able to be identified, the authentication protocol was able to be negotiated successfully, and a set of credentials provided in the scan policy for that authentication protocol was accepted by the remote service. See plugin output for details, including protocol, port, and account.<br> <br>Please note the following :<br> <br>- This plugin reports per protocol, so it is possible for   valid credentials to be provided for one protocol and not   another. For example, authentication may succeed via SSH   but fail via SMB, while no credentials were provided for   an available SNMP service.<br> <br>- Providing valid credentials for all available   authentication protocols may improve scan coverage, but   the value of successful authentication for a given   protocol may vary from target to target depending upon   what data (if any) is gathered from the target via that   protocol. For example, successful authentication via SSH   is more valuable for Linux targets than for Windows   targets, and likewise successful authentication via SMB   is more valuable for Windows targets than for Linux   targets.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2020/10/15, Modified: 2021/07/26<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/22/ssh</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus was able to log in to the remote host via the following :<br> <br>User:       'root'<br>Port:       22<br>Proto:      SSH<br>Method:     password<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419144600" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419144600-container');" onmouseover="this.style.cursor='pointer'">163326 - Tenable Nessus Installed (Linux)<div id="idp45188419144600-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419144600-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus is installed on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Tenable Nessus is installed on the remote Linux host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419147672" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://www.tenable.com/products/nessus" target="_blank">https://www.tenable.com/products/nessus</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2022/07/21, Modified: 2023/08/28<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  Path    : /opt/nessus<br>  Version : 10.1.2<br>  Binary  : /opt/nessus/sbin/nessusd<br>  Package : Nessus-10.1.2-es6<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419154328" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419154328-container');" onmouseover="this.style.cursor='pointer'">56468 - Time of Last System Startup<div id="idp45188419154328-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419154328-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The system has been started.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, Nessus was able to determine when the host was last started.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2011/10/12, Modified: 2018/06/19<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  reboot   system boot  3.10.0-1160.88.1 Tue Aug  8 14:13 - 11:23 (40+21:09)  <br>  reboot   system boot  3.10.0-1160.88.1 Mon May 22 10:38 - 11:23 (119+00:44) <br>  reboot   system boot  3.10.0-957.el7.x Wed Mar  8 17:35 - 11:23 (193+17:48) <br>  reboot   system boot  3.10.0-957.el7.x Wed Sep 28 10:06 - 11:23 (355+01:17) <br>  reboot   system boot  3.10.0-957.el7.x Fri May  6 10:15 - 11:23 (500+01:08) <br>  <br>  wtmp begins Fri May  6 10:15:20 2022<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419179672" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419179672-container');" onmouseover="this.style.cursor='pointer'">10287 - Traceroute Information<div id="idp45188419179672-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419179672-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">It was possible to obtain traceroute information.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Makes a traceroute to the remote host.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/11/27, Modified: 2023/06/26<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>udp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">For your information, here is the traceroute from 60.0.0.4 to 172.16.187.220 : <br>60.0.0.4<br> <br>An error was detected along the way.<br>60.0.0.1<br>?<br>172.16.187.220<br> <br>Hop Count: 4<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419188888" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419188888-container');" onmouseover="this.style.cursor='pointer'">83303 - Unix / Linux - Local Users Information : Passwords Never Expire<div id="idp45188419188888-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419188888-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">At least one local user has a password that never expires.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Using the supplied credentials, Nessus was able to list local users that are enabled and whose passwords never expire.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Allow or require users to change their passwords regularly.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2015/05/10, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>Nessus found the following unlocked users with passwords that do not expire :<br>  - root<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419200664" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419200664-container');" onmouseover="this.style.cursor='pointer'">110483 - Unix / Linux Running Processes Information<div id="idp45188419200664-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419200664-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Uses /bin/ps auxww command to obtain the list of running processes on the target machine at scan time.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Generated report details the running processes on the target machine at scan time.<br>  This plugin is informative only and could be used for forensic   investigation, malware detection, and to confirm that your system   processes conform to your system policies.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/06/12, Modified: 2022/06/29<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND<br>root          1  0.0  0.0 191316  4240 ?        Ss   Aug08  14:55 /usr/lib/systemd/systemd --switched-root --system --deserialize 22<br>root          2  0.0  0.0      0     0 ?        S    Aug08   0:00 [kthreadd]<br>root          4  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/0:0H]<br>root          6  0.0  0.0      0     0 ?        S    Aug08   0:16 [ksoftirqd/0]<br>root          7  0.0  0.0      0     0 ?        S    Aug08   0:58 [migration/0]<br>root          8  0.0  0.0      0     0 ?        S    Aug08   0:00 [rcu_bh]<br>root          9  0.1  0.0      0     0 ?        S    Aug08  97:09 [rcu_sched]<br>root         10  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [lru-add-drain]<br>root         11  0.0  0.0      0     0 ?        S    Aug08   0:20 [watchdog/0]<br>root         12  0.0  0.0      0     0 ?        S    Aug08   0:22 [watchdog/1]<br>root         13  0.0  0.0      0     0 ?        S    Aug08   0:59 [migration/1]<br>root         14  0.0  0.0      0     0 ?        S    Aug08   0:17 [ksoftirqd/1]<br>root         16  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/1:0H]<br>root         17  0.0  0.0      0     0 ?        S    Aug08   0:22 [watchdog/2]<br>root         18  0.0  0.0      0     0 ?        S    Aug08   0:59 [migration/2]<br>root         19  0.0  0.0      0     0 ?        S    Aug08   0:13 [ksoftirqd/2]<br>root         21  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/2:0H]<br>root         22  0.0  0.0      0     0 ?        S    Aug08   0:22 [watchdog/3]<br>root         23  0.0  0.0      0     0 ?        S    Aug08   0:56 [migration/3]<br>root         24  0.0  0.0      0     0 ?        S    Aug08   0:12 [ksoftirqd/3]<br>root         26  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/3:0H]<br>root         27  0.0  0.0      0     0 ?        S    Aug08   0:22 [watchdog/4]<br>root         28  0.0  0.0      0     0 ?        S    Aug08   1:02 [migration/4]<br>root         29  0.0  0.0      0     0 ?        S    Aug08   0:07 [ksoftirqd/4]<br>root         31  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/4:0H]<br>root         32  0.0  0.0      0     0 ?        S    Aug08   0:22 [watchdog/5]<br>root         33  0.0  0.0      0     0 ?        S    Aug08   0:54 [migration/5]<br>root         34  0.0  0.0      0     0 ?        S    Aug08   0:06 [ksoftirqd/5]<br>root         36  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/5:0H]<br>root         37  0.0  0.0      0     0 ?        S    Aug08   0:21 [watchdog/6]<br>root         38  0.0  0.0      0     0 ?        S    Aug08   0:55 [migration/6]<br>root         39  0.0  0.0      0     0 ?        S    Aug08   0:12 [ksoftirqd/6]<br>root         41  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/6:0H]<br>root         42  0.0  0.0      0     0 ?        S    Aug08   0:21 [watchdog/7]<br>root         43  0.0  0.0      0     0 ?        S    Aug08   0:49 [migration/7]<br>root         44  0.0  0.0      0     0 ?        S    Aug08   0:10 [ksoftirqd/7]<br>root         46  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kworker/7:0H]<br>root         48  0.0  0.0      0     0 ?        S    Aug08   0:00 [kdevtmpfs]<br>root         49  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [netns]<br>root         50  0.0  0.0      0     0 ?        S    Aug08   0:07 [khungtaskd]<br>root         51  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [writeback]<br>root         52  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kintegrityd]<br>root         53  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [bioset]<br>root         54  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [bioset]<br>root         55  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [bioset]<br>root         56  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kblockd]<br>root         57  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [md]<br>root         58  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [edac-poller]<br>root         59  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [watchdogd]<br>root         65  0.0  0.0      0     0 ?        S    Aug08   3:42 [kswapd0]<br>root         66  0.0  0.0      0     0 ?        SN   Aug08   0:00 [ksmd]<br>root         67  0.0  0.0      0     0 ?        SN   Aug08   0:27 [khugepaged]<br>root         68  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [crypto]<br>root         76  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kthrotld]<br>root         78  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kmpath_rdacd]<br>root         79  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kaluad]<br>root         81  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [kpsmoused]<br>root         83  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [ipv6_addrconf]<br>root         97  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [deferwq]<br>root        136  0.0  0.0      0     0 ?        S    Aug08   0:01 [kauditd]<br>root        276  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_0]<br>root        278  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_0]<br>root        279  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [vmw_pvscsi_wq_0]<br>root        282  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [nfit]<br>root        291  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [ata_sff]<br>root        295  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_1]<br>root        296  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_1]<br>root        298  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_2]<br>root        299  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_2]<br>root        307  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_3]<br>root        308  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_3]<br>root        309  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_4]<br>root        310  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_4]<br>root        311  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_5]<br>root        312  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_5]<br>root        314  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_6]<br>root        315  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_6]<br>root        316  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_7]<br>root        317  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_7]<br>root        318  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_8]<br>root        319  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_8]<br>root        320  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_9]<br>root        321  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_9]<br>root        322  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_10]<br>root        323  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_10]<br>root        324  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_11]<br>root        325  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_11]<br>root        326  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_12]<br>root        327  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_12]<br>root        328  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_13]<br>root        329  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_13]<br>root        330  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_14]<br>root        331  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_14]<br>root        332  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_15]<br>root        333  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_15]<br>root        334  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_16]<br>root        335  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_16]<br>root        336  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_17]<br>root        337  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_17]<br>root        338  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_18]<br>root        339  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_18]<br>root        340  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_19]<br>root        341  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_19]<br>root        342  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_20]<br>root        343  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_20]<br>root        344  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_21]<br>root        345  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_21]<br>root        346  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_22]<br>root        347  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_22]<br>root        348  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_23]<br>root        349  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_23]<br>root        350  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_24]<br>root        351  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_24]<br>root        352  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_25]<br>root        353  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_25]<br>root        354  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_26]<br>root        355  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_26]<br>root        356  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_27]<br>root        357  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_27]<br>root        358  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_28]<br>root        359  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_28]<br>root        360  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_29]<br>root        361  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_29]<br>root        362  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_30]<br>root        363  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_30]<br>root        364  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_31]<br>root        365  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_31]<br>root        366  0.0  0.0      0     0 ?        S    Aug08   0:00 [scsi_eh_32]<br>root        367  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [scsi_tmf_32]<br>root        395  0.0  0.0      0     0 ?        S    Aug08   0:00 [irq/16-vmwgfx]<br>root        396  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [ttm_swap]<br>root        416  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [bioset]<br>root        417  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfsalloc]<br>root        418  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs_mru_cache]<br>root        419  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-buf/sda2]<br>root        420  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-data/sda2]<br>root        421  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-conv/sda2]<br>root        422  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-cil/sda2]<br>root        423  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-reclaim/sda]<br>root        424  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-log/sda2]<br>root        425  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-eofblocks/s]<br>root        426  0.0  0.0      0     0 ?        S    Aug08  31:59 [xfsaild/sda2]<br>root        427  0.0  0.0      0     0 ?        S&lt;   Aug08   0:05 [kworker/2:1H]<br>root        510  0.0  0.0  47656 10336 ?        Ss   Aug08   0:33 /usr/lib/systemd/systemd-journald<br>root        528  0.0  0.0 116644  1156 ?        Ss   Aug08   0:00 /usr/sbin/lvmetad -f<br>root        543  0.0  0.0  45624  2056 ?        Ss   Aug08   0:02 /usr/lib/systemd/systemd-udevd<br>root        639  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-buf/sda1]<br>root        640  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-data/sda1]<br>root        641  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-conv/sda1]<br>root        642  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-cil/sda1]<br>root        643  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-reclaim/sda]<br>root        644  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-log/sda1]<br>root        645  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xfs-eofblocks/s]<br>root        648  0.0  0.0      0     0 ?        S    Aug08   0:00 [xfsaild/sda1]<br>root        675  0.0  0.0  55532  1044 ?        S&lt;sl Aug08   0:08 /sbin/auditd<br>root        679  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [rpciod]<br>root        680  0.0  0.0      0     0 ?        S&lt;   Aug08   0:00 [xprtiod]<br>root        700  0.0  0.0      0     0 ?        S&lt;   Aug08   0:01 [kworker/6:1H]<br>rpc         708  0.0  0.0  69320  1504 ?        Ss   Aug08   0:09 /sbin/rpcbind -w<br>root        715  0.0  0.0  26384  1804 ?        Ss   Aug08   0:37 /usr/lib/systemd/systemd-logind<br>dbus        718  0.0  0.0  58408  2600 ?        Ss   Aug08   1:06 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation<br>root        728  0.0  0.0  21696  1348 ?        Ss   Aug08  12:36 /usr/sbin/irqbalance --foreground<br>polkitd     730  0.0  0.0 613016 12496 ?        Ssl  Aug08   0:28 /usr/lib/polkit-1/polkitd --no-debug<br>root        732  0.0  0.0 195208  1252 ?        Ssl  Aug08   0:00 /usr/sbin/gssproxy -D<br>root        748  0.0  0.0 116448  1984 ?        S    Aug08   5:27 /bin/bash /usr/sbin/ksmtuned<br>root        755  0.0  0.0 477172  8736 ?        Ssl  Aug08  42:53 /usr/sbin/NetworkManager --no-daemon<br>root        832  0.0  0.0      0     0 ?        S&lt;   Aug08   0:05 [kworker/1:1H]<br>root        881  0.0  0.0      0     0 ?        S&lt;   Aug08   0:02 [kworker/5:1H]<br>root       1064  0.0  0.1 574288 18104 ?        Ssl  Aug08  12:31 /usr/bin/python2 -Es /usr/sbin/tuned -l -P<br>root       1119  0.0  0.0 260896  8356 ?        Ssl  Aug08   4:51 /usr/sbin/rsyslogd -n<br>root       1127  0.1  0.2 1430172 43156 ?       Ssl  Aug08  85:25 /usr/bin/containerd<br>root       1145  0.0  0.0 1011324 13320 ?       Ssl  Aug08   0:04 /usr/sbin/libvirtd<br>root       1160  0.0  0.0 126388  1612 ?        Ss   Aug08   0:15 /usr/sbin/crond -n<br>root       1163  0.0  0.0  51656  1448 ?        Ss   Aug08   0:00 sshd: /usr/sbin/sshd [listener] 1 of 10-100 startups<br>root       1287  0.0  0.0  12692   460 ?        S    Aug08   0:00 /opt/nessus/sbin/nessus-service -q -D<br>root       1291  2.1 10.3 3771504 1689372 ?     Sl   Aug08 1279:36 nessusd -q<br>root       1309  0.0  0.0 110208   860 tty1     Ss+  Aug08   0:00 /sbin/agetty --noclear tty1 linux<br>root       1403  0.0  0.0      0     0 ?        S&lt;   Aug08   0:03 [kworker/4:1H]<br>root       1429  0.0  0.0      0     0 ?        S&lt;   Aug08   0:04 [kworker/3:1H]<br>root       1522  0.0  0.0  89804  2152 ?        Ss   Aug08   0:22 /usr/libexec/postfix/master -w<br>postfix    1538  0.0  0.0  90084  4260 ?        S    Aug08   0:04 qmgr -l -t unix -u<br>root       1712  0.0  0.0      0     0 ?        S&lt;   Aug08   0:13 [kworker/0:1H]<br>nobody     1742  0.0  0.0  56124  1080 ?        S    Aug08   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper<br>root       1744  0.0  0.0  56096   388 ?        S    Aug08   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper<br>root       1878  0.0  0.0      0     0 ?        S&lt;   Aug08   0:14 [kworker/7:1H]<br>root      12274  0.0  0.0      0     0 ?        S    Sep06   1:16 [kworker/6:0]<br>root      13850  0.0  0.0      0     0 ?        S    Sep14   0:08 [kworker/2:0]<br>root      20456  0.0  0.0      0     0 ?        S    Sep11   1:14 [kworker/u256:0]<br>root      20481  0.0  0.0      0     0 ?        S    Sep11   0:08 [kworker/4:1]<br>root      20552  0.0  0.0      0     0 ?        S    Sep11   0:00 [kworker/5:2]<br>root      20576  0.0  0.0      0     0 ?        S    Sep13   0:00 [kworker/6:2]<br>root      20591  0.0  0.0      0     0 ?        S    Sep11   0:16 [kworker/1:1]<br>root      20601  0.0  0.0      0     0 ?        S    Sep11   0:12 [kworker/3:3]<br>root      20607  0.0  0.0      0     0 ?        S    Sep11   0:00 [kworker/2:1]<br>root      20897  0.0  0.0      0     0 ?        S    Sep13   0:00 [kworker/3:0]<br>root      21016  0.1  0.3 1439480 62584 ?       Ssl  Sep11  14:26 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock<br>root      21251  0.0  0.0 972328  8020 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 9999 -container-ip 172.17.0.2 -container-port 80<br>root      21258  0.0  0.0 972328  8024 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9999 -container-ip 172.17.0.2 -container-port 80<br>root      21287  0.0  0.0 720476 10840 ?        Sl   Sep11   1:40 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 37e59307341c2ae73828ff7826d23852a320f2d1bc033f95eae64c50b29bb38d -address /run/containerd/containerd.sock<br>root      21298  0.0  0.0 720732 10296 ?        Sl   Sep11   1:07 /usr/bin/containerd-shim-runc-v2 -namespace moby -id a2b2f61453ac89fa859fbb537ce3ee5497e8b2ff7c30635d510acceb8dbb1fc9 -address /run/containerd/containerd.sock<br>root      21315  0.0  0.0 972328  8024 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.3 -container-port 80<br>root      21318  0.0  0.0 824864  5976 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 5003 -container-ip 172.19.0.3 -container-port 443<br>root      21336  0.0  0.0 980524 10072 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 80 -container-ip 172.17.0.3 -container-port 80<br>root      21338  0.0  0.0 915244 10072 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 5003 -container-ip 172.19.0.3 -container-port 443<br>root      21369  0.0  0.0  13288  1452 ?        Ss   Sep11   0:00 sh -c wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; python3.6 -m app.scheduler<br>root      21376  0.0  0.0 117564 14980 ?        Ss   Sep11   6:20 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf<br>root      21391  0.0  0.0 720476 12076 ?        Sl   Sep11   1:18 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 88854ca93fdc6cbc539fb746f2d461c8253e08d1bbeb68604866d3647168ebe6 -address /run/containerd/containerd.sock<br>root      21430  0.0  0.0 720732  9768 ?        Sl   Sep11   1:11 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 912e39259a6cd8cdba60b8d98c5e34afe989536cc74b3ea9d6319aa772079769 -address /run/containerd/containerd.sock<br>polkitd   21442  0.9  0.3 1121832 63788 ?       Ssl  Sep11  90:53 mongod --auth --bind_ip_all<br>root      21460  0.0  0.0 720732  7244 ?        Sl   Sep11   1:05 /usr/bin/containerd-shim-runc-v2 -namespace moby -id faa51e572b870e89a0d9479fe6a5cfd39c523a3275b9f630c3507a3ca11d2b86 -address /run/containerd/containerd.sock<br>root      21482  0.0  0.1 1381848 18000 ?       Ssl  Sep11   0:03 ./kuboard-spray<br>root      21510  0.0  0.0  13288  1456 ?        Ss   Sep11   0:00 sh -c gen_crt.sh; nginx; wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log<br>root      21537  0.0  0.0 720220  6276 ?        Sl   Sep11   1:32 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 44ada60e113a6cecd8b62300437bb8e79fc6a65c6dd2caa754b501f22587f978 -address /run/containerd/containerd.sock<br>root      21547  0.0  0.0 720476  6516 ?        Sl   Sep11   1:07 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 30d89bf4c2655b84c7317a553a7cdc3e075e5c432a31df2219a20322d699011e -address /run/containerd/containerd.sock<br>100       21606  0.0  0.0   1608   500 ?        Ss   Sep11   0:04 /bin/sh /opt/rabbitmq/sbin/rabbitmq-server<br>root      21628  0.0  0.0  13288  1456 ?        Ss   Sep11   0:00 sh -c wait-for-it.sh mongodb:27017; wait-for-it.sh rabbitmq:5672; celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log &amp; celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log<br>root      21871  0.0  0.0  49548  1140 ?        Ss   Sep11   0:00 nginx: master process nginx<br>polkitd   21872  0.0  0.0  50144  4084 ?        S    Sep11   0:00 nginx: worker process<br>polkitd   21873  0.0  0.0  50144  3820 ?        S    Sep11   0:00 nginx: worker process<br>polkitd   21874  0.0  0.0  50116  3792 ?        S    Sep11   0:00 nginx: worker process<br>polkitd   21875  0.0  0.0  50148  3860 ?        S    Sep11   0:00 nginx: worker process<br>polkitd   21876  0.0  0.0  50116  4052 ?        S    Sep11   0:00 nginx: worker process<br>polkitd   21877  0.0  0.0  50148  4384 ?        S    Sep11   0:02 nginx: worker process<br>polkitd   21878  0.0  0.0  50144  4224 ?        S    Sep11   0:01 nginx: worker process<br>polkitd   21879  0.0  0.0  50148  4120 ?        S    Sep11   0:00 nginx: worker process<br>root      22050  0.0  0.1 120664 19800 ?        S    Sep11   3:14 /usr/bin/python3 /usr/local/bin/gunicorn -b 127.0.0.1:9001 -w 2 --threads 8 --access-logfile - spug.wsgi<br>root      22051  0.0  0.4 338412 81132 ?        Sl   Sep11   0:12 python3 manage.py runworker<br>root      22052  0.1  0.0  40940  7832 ?        Sl   Sep11  13:43 redis-server 127.0.0.1:6379<br>root      22053  0.0  0.3 273216 55116 ?        S    Sep11   7:59 /usr/bin/python3 /usr/local/bin/daphne -p 9002 spug.asgi:application<br>root      22054  0.0  0.0  39308  4136 ?        S    Sep11   0:00 nginx: master process nginx -g daemon off;<br>root      22055  0.0  0.5 2552080 86028 ?       Sl   Sep11   1:43 python3 manage.py runscheduler<br>27        22056  0.1  0.5 1102704 81960 ?       Sl   Sep11  14:56 /usr/libexec/mysqld --user=mysql<br>root      22057  0.0  0.5 338720 81860 ?        Sl   Sep11   0:02 python3 manage.py runmonitor<br>cockpit+  22077  0.0  0.0  39804  2400 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22078  0.0  0.0  39708  2076 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22079  0.0  0.0  39708  2076 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22080  0.0  0.0  39708  2084 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22081  0.0  0.0  39708  2084 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22082  0.0  0.0  39708  2084 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22083  0.0  0.0  39804  2508 ?        S    Sep11   0:00 nginx: worker process<br>cockpit+  22084  0.0  0.0  39708  2076 ?        S    Sep11   0:00 nginx: worker process<br>100       22141  0.0  0.0   3216  2504 ?        S    Sep11   0:18 /usr/local/lib/erlang/erts-12.0.3/bin/epmd -daemon<br>root      22159  0.0  0.4 402328 77424 ?        Sl   Sep11   4:29 /usr/bin/python3 /usr/local/bin/gunicorn -b 127.0.0.1:9001 -w 2 --threads 8 --access-logfile - spug.wsgi<br>root      22161  0.0  0.4 549716 77428 ?        Sl   Sep11   4:28 /usr/bin/python3 /usr/local/bin/gunicorn -b 127.0.0.1:9001 -w 2 --threads 8 --access-logfile - spug.wsgi<br>root      22174  0.0  0.0 114888  5024 ?        Ss   Sep13   0:30 sshd: root@pts/0<br>root      22177  0.0  0.0 114524  4516 ?        Ss   Sep13   0:00 sshd: root@notty<br>root      22179  0.0  0.0 116868  3536 pts/0    Ss   Sep13   0:00 -bash<br>100       22541  0.9  0.9 1286848 148100 ?      Sl   Sep11  88:47 /usr/local/lib/erlang/erts-12.0.3/bin/beam.smp -W w -MBas ageffcbf -MHas ageffcbf -MBlmbcs 512 -MHlmbcs 512 -MMmcs 30 -P 1048576 -t 5000000 -stbt db -zdbbl 128000 -sbwt none -sbwtdcpu none -sbwtdio none -B i -- -root /usr/local/lib/erlang -progname erl -- -home /var/lib/rabbitmq -- -pa  -noshell -noinput -s rabbit boot -boot start_sasl -lager crash_log false -lager handlers []<br>100       22548  0.0  0.0    780   280 ?        Ss   Sep11   0:36 erl_child_setup 1048576<br>100       22730  0.0  0.0    816   244 ?        Ss   Sep11   0:01 inet_gethost 4<br>100       22731  0.0  0.0    816    40 ?        S    Sep11   0:01 inet_gethost 4<br>root      22770  0.0  0.1 116144 19372 ?        S    Sep11   3:34 /usr/bin/python3 /usr/local/bin/gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log<br>root      22771  0.2  0.4 232980 68104 ?        S    Sep11  24:53 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log<br>root      22772  0.2  0.4 232720 68100 ?        S    Sep11  25:56 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log<br>root      22774  0.0  0.3 366800 54224 ?        Sl   Sep11   8:42 python3.6 -m app.scheduler<br>root      22778  0.0  0.4 232812 68300 ?        S    Sep11   0:22 /usr/bin/python3 /usr/local/bin/gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log<br>root      22784  0.0  0.4 232812 68300 ?        S    Sep11   0:23 /usr/bin/python3 /usr/local/bin/gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log<br>root      22791  0.0  0.4 232816 68292 ?        S    Sep11   0:22 /usr/bin/python3 /usr/local/bin/gunicorn -b 0.0.0.0:5003 app.main:arl_app -w 3 --access-logfile arl_web.log<br>root      22809  0.0  0.3 229668 59392 ?        S    Sep11   0:00 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log<br>root      22810  0.0  0.3 229668 59372 ?        S    Sep11   0:00 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log<br>root      22811  0.0  0.3 229672 59412 ?        S    Sep11   0:00 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arlgithub -n arlgithub -c 2 -O fair -f arl_worker.log<br>root      22812  0.0  0.3 229672 59380 ?        S    Sep11   0:00 /usr/bin/python3 /usr/local/bin/celery -A app.celerytask.celery worker -l info -Q arltask -n arltask -c 2 -O fair -f arl_worker.log<br>root      23239  0.0  0.0 720732  7328 ?        Sl   Sep11   1:41 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 80afa781401ffe6e5a65049e2310c95a08e7c30d10257f57bd87f0ba9f4b81f8 -address /run/containerd/containerd.sock<br>root      23262  0.0  0.0 720732  6624 ?        Sl   Sep11   1:09 /usr/bin/containerd-shim-runc-v2 -namespace moby -id b085cf3fb55a4abe8733c399742b09239ea9a0ace5d6140e67690887dedc1e36 -address /run/containerd/containerd.sock<br>polkitd   23282  1.2  2.1 2123952 342620 ?      Ssl  Sep11 121:44 mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci<br>polkitd   23294  0.3  0.0  52784  4584 ?        Ssl  Sep11  37:49 redis-server *:6379<br>root      23437  0.0  0.0 720476  6448 ?        Sl   Sep11   1:40 /usr/bin/containerd-shim-runc-v2 -namespace moby -id d5b3428e030fe7433ce6bfddb3300ee6f0d12690dac45608c67483809eb4a32d -address /run/containerd/containerd.sock<br>root      23460  0.4  0.3 1780420 49364 ?       Ssl  Sep11  39:17 ./sdnLcm<br>root      23566  0.0  0.0 972328  2124 ?        Sl   Sep11   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 51371 -container-ip 172.20.0.5 -container-port 51370<br>root      23572  0.0  0.0 972328  2120 ?        Sl   Sep11   0:01 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 51371 -container-ip 172.20.0.5 -container-port 51370<br>root      23589  0.0  0.0 720476  6636 ?        Sl   Sep11   1:38 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 934e0f2e8d4c2f71b4b4134359081e80454b0d6f7ec46a049692c70a5abe2da3 -address /run/containerd/containerd.sock<br>root      23610  0.0  0.0  10760  3608 ?        Ss   Sep11   0:00 nginx: master process nginx -g daemon off;<br>101       23753  0.0  0.0  11268  2332 ?        S    Sep11   0:01 nginx: worker process<br>root      61581  0.0  0.0 972328  2144 ?        Sl   09:42   0:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 3443 -container-ip 172.17.0.4 -container-port 3443<br>root      61588  0.0  0.0 906792  2116 ?        Sl   09:42   0:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 3443 -container-ip 172.17.0.4 -container-port 3443<br>root      61609  0.1  0.0 720476  6600 ?        Sl   09:42   0:07 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 3a98b4be179d575230e1ee29ad81124f9e9606f18d305da7da6f84ff4fa589ec -address /run/containerd/containerd.sock<br>root      61631  0.0  0.0   2404   632 pts/0    Ss+  09:42   0:00 /bin/sh -c echo -e "127.0.0.1 updates.acunetix.com\n127.0.0.1 erp.acunetix.com\n127.0.0.1 bxss.me" &gt;&gt; /etc/hosts &amp;&amp; su acunetix -c /home/acunetix/.acunetix/start.sh<br>root      61664  0.0  0.0   6808  2420 pts/0    S+   09:42   0:00 su acunetix -c /home/acunetix/.acunetix/start.sh<br>polkitd   61672  0.0  0.0   2404   372 ?        Ss   09:42   0:00 sh -c /home/acunetix/.acunetix/start.sh<br>polkitd   61673  0.0  0.0   3872  1692 ?        S    09:42   0:00 /bin/bash /home/acunetix/.acunetix/start.sh<br>polkitd   61678  0.0  0.0 157360 13540 ?        Ss   09:42   0:00 /home/acunetix/.acunetix/v_220425114/database/bin/postgres -D /home/acunetix/.acunetix/db --port=35432<br>polkitd   61687  0.0  0.0 157492  8944 ?        Ss   09:42   0:00 postgres: checkpointer <br>polkitd   61688  0.0  0.0 157360  2364 ?        Ss   09:42   0:00 postgres: background writer <br>polkitd   61689  0.0  0.0 157360  5000 ?        Ss   09:42   0:00 postgres: walwriter <br>polkitd   61690  0.0  0.0 157912  1816 ?        Ss   09:42   0:00 postgres: autovacuum launcher <br>polkitd   61691  0.1  0.0  11912   952 ?        Ss   09:42   0:07 postgres: stats collector <br>polkitd   61692  0.0  0.0 157788  1552 ?        Ss   09:42   0:00 postgres: logical replication launcher <br>polkitd   61693  0.0  0.0   2520   660 ?        S    09:42   0:00 /home/acunetix/.acunetix/v_220425114/backend/opsrv --conf /home/acunetix/.acunetix/wvs.ini<br>polkitd   61694  5.9  0.7 447800 114272 ?       Sl   09:42   5:58 /home/acunetix/.acunetix/v_220425114/backend/opsrv --conf /home/acunetix/.acunetix/wvs.ini<br>polkitd   61767  0.0  0.1 586772 21524 ?        Sl   09:43   0:00 /home/acunetix/.acunetix/data/acusensor/sensor-bridge --ssl-cert /home/acunetix/.acunetix/data/certs/server.cer --ssl-key /home/acunetix/.acunetix/data/certs/server.key --log /home/acunetix/.acunetix/logs/acusensor-bridge.log --log-level INFO --interface 0.0.0.0 --port 7880<br>root      69187  0.0  0.0      0     0 ?        S    Sep16   0:00 [kworker/1:0]<br>postfix   71003  0.0  0.0  89908  4132 ?        S    10:22   0:00 pickup -l -t unix -u<br>root      76259  0.0  0.0 148856  3252 pts/0    S+   10:48   0:00 ssh cloud@172.118.26.218<br>root      76482  0.0  0.0      0     0 ?        S    10:49   0:00 [kworker/0:1]<br>root      78103  0.0  0.0      0     0 ?        S    Sep16   0:00 [kworker/0:2]<br>root      79343  0.0  0.0      0     0 ?        S    11:00   0:00 [kworker/7:2]<br>root      80516  0.0  0.0      0     0 ?        S    11:11   0:00 [kworker/7:0]<br>root      81398  0.0  0.0      0     0 ?        S    11:16   0:00 [kworker/7:1]<br>root      81449  0.0  0.0 114520  4692 ?        Ss   11:17   0:00 sshd: root@pts/1<br>root      81453  0.0  0.0 116736  3112 pts/1    Ss+  11:17   0:00 -bash<br>root      82067  0.0  0.0      0     0 ?        S    11:19   0:00 [kworker/2:2]<br>root      82473  0.0  0.0      0     0 ?        S    11:21   0:00 [kworker/4:0]<br>cockpit+  82802  0.3  0.0 315044  5248 ?        Ssl  11:22   0:00 /usr/libexec/cockpit-ws -p 9999<br>polkitd   82820  0.5  0.0 161564  8540 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39884) idle<br>polkitd   82828  0.4  0.0 160540  8676 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39886) idle<br>polkitd   82829  0.4  0.0 161600  8540 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39888) idle<br>polkitd   82832  0.5  0.0 161576  8836 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39890) idle<br>polkitd   82833  0.5  0.0 161564  8796 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39892) idle<br>polkitd   82836  0.4  0.0 159888  8036 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39894) idle<br>polkitd   82837  0.5  0.0 161600  8768 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39896) idle<br>polkitd   83232  0.6  0.0 160536  8292 ?        Ss   11:23   0:00 postgres: acunetix wvs 127.0.0.1(39900) idle<br>root      83381  0.0  0.0 108056   356 ?        S    11:23   0:00 sleep 60<br>root      84275  0.0  0.0 114848  4836 ?        Ss   11:23   0:00 sshd: root@notty<br>root      84293  0.0  0.0 114644  4444 ?        Rs   11:23   0:00 sshd: root [priv]<br>sshd      84294  0.0  0.0  56096  2312 ?        S    11:23   0:00 sshd: root [net]<br>root      84295  0.0  0.0 113284  1580 ?        Ss   11:23   0:00 bash -c /bin/ps auxww 2&gt;/dev/null<br>root      84302  0.0  0.0 155452  1888 ?        R    11:23   0:00 /bin/ps auxww<br>root      86627  0.0  0.0      0     0 ?        S    Sep06   0:00 [kworker/u256:3]<br>root      89067  0.0  0.0      0     0 ?        S    Sep16   0:03 [kworker/5:0]<br>root      97886  0.0  0.0      0     0 ?        S    Sep16   0:02 [kworker/4:2]<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419298584" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419298584-container');" onmouseover="this.style.cursor='pointer'">152742 - Unix Software Discovery Commands Available<div id="idp45188419298584-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419298584-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to log in to the remote host using the provided credentials and is able to execute all commands used to find unmanaged software.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to determine that it is possible for plugins to find and identify versions of software on the target host. Software that is not managed by the operating system is typically found and characterized using these commands.  This was measured by running commands used by unmanaged software plugins and validating their output against expected results.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2021/08/23, Modified: 2021/08/23<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Unix software discovery checks are available.<br> <br>Account  : root<br>Protocol : SSH<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<div xmlns="" id="idp45188419306392" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419306392-container');" onmouseover="this.style.cursor='pointer'">20094 - VMware Virtual Machine Detection<div id="idp45188419306392-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419306392-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host is a VMware virtual machine.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">According to the MAC address of its network adapter, the remote host is a VMware virtual machine.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Since it is physically accessible through the network, ensure that its configuration matches your organization's security policy.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2005/10/27, Modified: 2019/12/11<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/0</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The remote host is a VMware virtual machine.<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419326104" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419326104-container');" onmouseover="this.style.cursor='pointer'">10386 - Web Server No 404 Error Code Check<div id="idp45188419326104-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419326104-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server does not return 404 error codes.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.<br> <br>Nessus has enabled some counter measures for this.  However, they might be insufficient.  If a great number of security holes are produced for this port, they might not all be accurate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/04/28, Modified: 2022/06/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The following title tag will be used :<br>资产灯塔系统<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419354520" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419354520-container');" onmouseover="this.style.cursor='pointer'">10386 - Web Server No 404 Error Code Check<div id="idp45188419354520-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419354520-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server does not return 404 error codes.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.<br> <br>Nessus has enabled some counter measures for this.  However, they might be insufficient.  If a great number of security holes are produced for this port, they might not all be accurate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/04/28, Modified: 2022/06/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9090/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>The following string will be used :<br>TYPE=password<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419362712" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419362712-container');" onmouseover="this.style.cursor='pointer'">10386 - Web Server No 404 Error Code Check<div id="idp45188419362712-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419362712-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server does not return 404 error codes.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.<br> <br>Nessus has enabled some counter measures for this.  However, they might be insufficient.  If a great number of security holes are produced for this port, they might not all be accurate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/04/28, Modified: 2022/06/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The following title tag will be used :<br>Spug<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419370648" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419370648-container');" onmouseover="this.style.cursor='pointer'">10386 - Web Server No 404 Error Code Check<div id="idp45188419370648-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419370648-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server does not return 404 error codes.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.<br> <br>Nessus has enabled some counter measures for this.  However, they might be insufficient.  If a great number of security holes are produced for this port, they might not all be accurate.<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2000/04/28, Modified: 2022/06/17<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">The following title tag will be used :<br>Vite App<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419390872" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419390872-container');" onmouseover="this.style.cursor='pointer'">10302 - Web Server robots.txt Information Disclosure<div id="idp45188419390872-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419390872-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote web server contains a 'robots.txt' file.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The remote host contains a file named 'robots.txt' that is intended to prevent web 'robots' from visiting certain directories in a website for maintenance or indexing purposes.  A malicious user may also be able to use the contents of this file to learn of sensitive documents or directories on the affected site and either retrieve them directly or target them for other attacks.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419393944" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="http://www.robotstxt.org/orig.html" target="_blank">http://www.robotstxt.org/orig.html</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Review the contents of the site's robots.txt file, use Robots META tags instead of entries in the robots.txt file, and/or adjust the web server's access controls to limit access to sensitive material.<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 1999/10/12, Modified: 2018/11/15<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;">Contents of robots.txt :<br> <br>User-agent: *<br>Disallow: /<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419425048" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419425048-container');" onmouseover="this.style.cursor='pointer'">106375 - nginx HTTP Server Detection<div id="idp45188419425048-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419425048-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The nginx HTTP server was detected on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to detect the nginx HTTP server by looking at the HTTP banner on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419428120" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://nginx.org/" target="_blank">https://nginx.org/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188419435928" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0677</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/01/26, Modified: 2023/05/24<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/5003/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL     : https://172.16.187.220:5003/<br>  Version : 1.20.1<br>  source  : Server: nginx/1.20.1<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419453080" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419453080-container');" onmouseover="this.style.cursor='pointer'">106375 - nginx HTTP Server Detection<div id="idp45188419453080-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419453080-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The nginx HTTP server was detected on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to detect the nginx HTTP server by looking at the HTTP banner on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419456152" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://nginx.org/" target="_blank">https://nginx.org/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188419459864" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0677</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/01/26, Modified: 2023/05/24<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/9999/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL     : http://172.16.187.220:9999/<br>  Version : unknown<br>  source  : Server: nginx<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h2 xmlns="" class=""></h2>
<div xmlns="" id="idp45188419464728" style="box-sizing: border-box; width: 100%; margin: 0 0 10px 0; padding: 5px 10px; background: #67ACE1; font-weight: 700; font-size: 14px; line-height: 20px; color: #fff;" class="" onclick="toggleSection('idp45188419464728-container');" onmouseover="this.style.cursor='pointer'">106375 - nginx HTTP Server Detection<div id="idp45188419464728-toggletext" style="float: right; text-align: center; width: 8px;">
                -
            </div>
</div>
<div xmlns="" id="idp45188419464728-container" style="margin: 0 0 45px 0;" class="section-wrapper">
<div class="details-header">Synopsis<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">The nginx HTTP server was detected on the remote host.<div class="clear"></div>
</div>
<div class="details-header">Description<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Nessus was able to detect the nginx HTTP server by looking at the HTTP banner on the remote host.<div class="clear"></div>
</div>
<div class="details-header">See Also<div class="clear"></div>
</div>
<div id="idp45188419467800" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr><th width="100%"></th></tr></thead>
<tbody><tr class=""><td class="#ffffff" style=" " colspan="1"><a href="https://nginx.org/" target="_blank">https://nginx.org/</a></td></tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Solution<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">n/a<div class="clear"></div>
</div>
<div class="details-header">Risk Factor<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">None<div class="clear"></div>
</div>
<div class="details-header">References<div class="clear"></div>
</div>
<div id="idp45188419471512" style="display: block;" class="table-wrapper see-also">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="15%"></th>
<th width="85%"></th>
</tr></thead>
<tbody><tr class="">
<td class="#ffffff" style=" " colspan="1">XREF</td>
<td class="#ffffff" style=" " colspan="1">IAVT:0001-T-0677</td>
</tr></tbody>
</table>
<div class="clear"></div>
</div>
<div class="details-header">Plugin Information<div class="clear"></div>
</div>
<div style="line-height: 20px; padding: 0 0 20px 0;">Published: 2018/01/26, Modified: 2023/05/24<div class="clear"></div>
</div>
<div class="details-header">Plugin Output<div class="clear"></div>
</div>
<h2>tcp/51371/www</h2>
<div class="clear"></div>
<div style="box-sizing: border-box; width: 100%; background: #eee; font-family: monospace; padding: 20px; margin: 5px 0 20px 0;"> <br>  URL     : http://172.16.187.220:51371/<br>  Version : 1.19.9<br>  source  : Server: nginx/1.19.9<div class="clear"></div>
</div>
<div class="clear"></div>
<div class="clear"></div>
</div>
<div xmlns="" class="clear"></div>
<h6 xmlns="" id="idp45188419476248" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Compliance 'FAILED'</h6>
<h6 xmlns="" id="idp45188419476632" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Compliance 'SKIPPED'</h6>
<h6 xmlns="" id="idp45188419477016" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Compliance 'PASSED'</h6>
<h6 xmlns="" id="idp45188419477400" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Compliance 'INFO', 'WARNING', 'ERROR'</h6>
<h6 xmlns="" id="idp45188419477784" style="padding: 20px 0; border-top: 1px dotted #ccc; border-bottom: 1px dotted #ccc; font-size: 20px; font-weight: 400; line-height: 20px;">Remediations</h6>
<div xmlns="" id="idp45188419478168" style="font-size: 22px; font-weight: 700; padding: 10px 0;">Suggested Remediations<div class="clear"></div>
</div>
<div xmlns="" style="line-height: 20px; padding: 0 0 20px 0;">Taking the following actions across 1 hosts would resolve 52% of the vulnerabilities on the network.<div class="clear"></div>
</div>
<div xmlns="" id="idp45188419478936" style="display: block;" class="table-wrapper ">
<table cellpadding="0" cellspacing="0">
<thead><tr>
<th width="1%"></th>
<th width="82%"></th>
<th width="1%"></th>
<th width="8%"></th>
<th width="8%"></th>
</tr></thead>
<tbody>
<tr class="plugin-row-header">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">Action to take</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">Vulns</td>
<td class="#ffffff" style=" " colspan="1">Hosts</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">Tenable Nessus &lt; 10.6.0 Multiple Vulnerabilities (TNS-2023-29): Upgrade to Tenable Nessus 10.6.0 or later.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">49</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">Jenkins plugins Multiple Vulnerabilities (2023-08-16): Update Jenkins plugins to the following versions:   - Blue Ocean Plugin to version 1.27.5.1 or later   - Config File Provider Plugin to version 953.v0432a_802e4d2 or later   - Delphix Plugin to version 3.0.3 or later   - Docker Swarm Plugin: See vendor advisory   - Favorite View Plugin: See vendor advisory   - Flaky Test Handler Plugin to version 1.2.3 or later   - Folders Plugin to version 6.848.ve3b_fd7839a_81 or later   - Fortify Plugin to version 22.2.39 or later   - Gogs Plugin: See vendor advisory   - Maven Artifact ChoiceListProvider (Nexus) Plugin: See vendor advisory   - NodeJS Plugin to version 1.6.0.1 or later   - Shortcut Job Plugin to version 0.5 or later   - Tuleap Authentication Plugin to version 1.1.21 or later  See vendor advisory for more details.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">28</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : java-11-openjdk (CESA-2023:1875): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">7</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">OpenJDK 8 &lt;= 8u362 / 11.0.0 &lt;= 11.0.18 / 17.0.0 &lt;= 17.0.6 / 20.0.0 &lt;= 20.0.0 Multiple Vulnerabilities (2023-04-18: Upgrade to an OpenJDK version greater than 8u362 / 11.0.18 / 17.0.6 / 20.0.0</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">7</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">Apache Log4j 2.0 &lt; 2.3.2 / 2.4 &lt; 2.12.4 / 2.13 &lt; 2.17.1 RCE: Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.  Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">5</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : git (CESA-2023:3263): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">2</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : bind (CESA-2023:4152): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">1</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : emacs (CESA-2023:3481): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">1</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : kernel (CESA-2023:4151): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">1</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : python (CESA-2023:3555): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">1</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
<tr class="plugin-row">
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">CentOS 7 : python3 (CESA-2023:3556): Update the affected packages.</td>
<td class="#ffffff" style=" " colspan="1"></td>
<td class="#ffffff" style=" " colspan="1">0</td>
<td class="#ffffff" style=" " colspan="1">1</td>
</tr>
</tbody>
</table>
<div class="clear"></div>
</div>
<div class="clear"></div></div><div class="clear"></div></div><div style="width: 1024px; box-sizing: border-box; text-align: center; font-size: 12px; color: #999; padding: 10px 0 20px 0; margin: 0 auto;">
                    © 2023 Tenable™, Inc. All rights reserved.
                </div></body></html>
